⚠ Actively exploited
Added to CISA KEV on 2024-08-05. Federal agencies required to patch by 2024-08-26. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CVE-2018-0824: Deserialization of Untrusted Data in Microsoft Windows Server 2008

Severity: 8.8 HIGH (NVD)
EPSS: 91.5% | top 0.33%
CISA KEV: KEV | Added 2024-08-05 | Due 2024-08-26
Exploit: Exploited in wild | Active exploitation observed
Timeline: Published May 9 | KEV added Aug 5 | KEV due Aug 26
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages: 16 packages

Patches

🔴 Vulnerability Details

2
GHSA
GHSA-6w8g-777w-9mcc: A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM fo (2022-05-14)
VulnCheck
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability (2018)

💥 Exploits & PoCs

2
Exploit-DB
Microsoft COM for Windows - Privilege Escalation (2018-06-18)
Metasploit
Windows unmarshal post exploitation

📋 Vendor Advisories

2
CISA
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability (2024-08-05)
Microsoft
Microsoft COM for Windows Remote Code Execution Vulnerability (2018-05-08)

🕵️ Threat Intelligence

6
Talos
There is no real fix to the security issues recently found in GitHub and other similar software (2024-08-01)
Talos
APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike (2024-08-01)
Talos
Microsoft Patch Tuesday - May 2018 (2018-05-08)