cbcvebase.
CVE-2018-8621
published 2018-12-12

CVE-2018-8621: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure…

PriorityP275medium5.5CVSS 3.0
AVLACLPRLUINSUCHINAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
1.84%
76.2th percentile
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8622.

Affected

29 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_7
microsoftwindows_7
microsoftwindows_8.1
microsoftwindows_8.1
microsoftwindows_rt_8.1
microsoftwindows_server_2008
microsoftwindows_server_2008
microsoftwindows_server_2008
microsoftwindows_server_2008
microsoftwindows_server_2008
microsoftwindows_server_2008
microsoftwindows_server_2008_r2
microsoftwindows_server_2008_r2
microsoftwindows_server_2008_r2
microsoftwindows_server_2012
microsoftwindows_server_2012
microsoftwindows_server_2012_r2
microsoftwindows_server_2016
microsoftwindows_server_2016
msrcwindows_7_for_32-bit_systems_service_pack_1

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability involves uninitialized/kernel memory read from user mode process via a specially crafted application; monitor for unusual user-mode processes attempting to read kernel memory or triggering kernel object handling anomalies.
  • Exploitation requires an authenticated attacker running a specially crafted application; monitor for anomalous authenticated local process execution patterns on affected Windows systems.
  • ·Exploit status is 'Publicly Disclosed: No; Exploited: No' but rated 'Exploitation More Likely' for older software releases — prioritize patching older Windows versions.
  • ·CVE-2018-8621 is distinct from related kernel info-disclosure CVEs CVE-2018-8477 and CVE-2018-8622; ensure patches for all three are applied independently.

CVSS provenance

nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vulncheck5.5MEDIUM
vendor_msrc4.7MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.