⚠ Actively exploited

Added to CISA KEV on 2022-03-25. Federal agencies required to patch by 2022-04-15. Required action: Apply updates per vendor instructions..

CVE-2018-8414 — Improper Input Validation in Microsoft Windows 10

CWE-20 — Improper Input Validation7 documents7 sources

Severity

8.8HIGHNVD

EPSS

87.9%

top 0.52%

CISA KEV

KEV

Added 2022-03-25

Due 2022-04-15

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Windows 10 Microsoft Windows 10 Servers

Timeline

PublishedAug 15

KEV addedMar 25

KEV dueApr 15

Latest updateMay 14

CISA Required Action: Apply updates per vendor instructions.

Description

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5microsoft/windows_10_serversversion 1709 (Server Core Installation), version 1803 (Server Core Installation)+1

▶CVEListV5microsoft/windows_106 versions+5

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-xg99-mpwj-gf2c: A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vu↗2022-05-14

▶

CVEList

CVE-2018-8414: A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vu↗2018-08-15

▶

VulnCheck

Microsoft Windows Shell Remote Code Execution Vulnerability↗2018

▶

📋Vendor Advisories

CISA

Microsoft Windows Shell Remote Code Execution Vulnerability↗2022-03-25

▶

Microsoft

Windows Shell Remote Code Execution Vulnerability↗2018-08-14

▶