cbcvebase.
CVE-2018-8134
published 2018-05-09

CVE-2018-8134: An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability."…

PriorityP340high7CVSS 3.0
AVLACHPRLUINSUCHIHAH
EXPLOIT
EPSS
3.05%
85.9th percentile
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

Affected

41 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10_servers
microsoftwindows_10_servers
microsoftwindows_8.1
microsoftwindows_8.1
microsoftwindows_rt_8.1
microsoftwindows_server_2012
microsoftwindows_server_2012_r2
microsoftwindows_server_2016
microsoftwindows_server_2016
microsoftwindows_server_2016
msrcwindows_10_for_32-bit_systems

CVSS provenance

nvdv3.07.0HIGHCVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.0HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.