CVE-2018-0983 — Corporation Windows Storage Services vulnerability

5 documents4 sources

Severity

7.0HIGHNVD

EPSS

1.1%

top 21.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Windows Storage Services Microsoft Windows 10 Microsoft Windows Server 2016 +10 more

Timeline

PublishedMar 14

Latest updateMay 13

Description

Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages13 packages

▶msrcmsrc/windows_server_version_1709

▶CVEListV5microsoft_corporation/windows_storage_servicesWindows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709

▶msrcmsrc/windows_server_2016

▶msrcmsrc/windows_10_version_1709_for_32-bit_systems

▶msrcmsrc/windows_10_version_1709_for_x64-based_systems

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-48r5-w4v7-4vx3: Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of↗2022-05-13

▶

📋Vendor Advisories

Microsoft

Windows Storage Services Elevation of Privilege Vulnerability↗2018-03-13

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday - March 2018↗2018-03-13

▶

Talos

Microsoft Patch Tuesday - March 2018↗2018-03-13

▶