CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-8589

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.049

EPSS Ranking 89.2%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

Proposed Action

A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.

Ransomware Campaign

Unknown

References

http://www.securityfocus.com/bid/105796
http://www.securitytracker.com/id/1042140
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8589
http://www.securityfocus.com/bid/105796
http://www.securitytracker.com/id/1042140
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8589

Products affected by CVE-2018-8589

Microsoft » Windows 7 » Version: N/A

cpe:2.3:o:microsoft:windows_7:-
Microsoft » Windows Server 2008 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2008:-
Microsoft » Windows Server 2008 » Version: r2

cpe:2.3:o:microsoft:windows_server_2008:r2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8589

Products

Pricing

Contact Us