CVE-2018-8622
published 2018-12-12CVE-2018-8622: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure…
PriorityP276medium5.5CVSS 3.0
AVLACLPRLUINSUCHINAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
1.84%
76.2th percentile
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8621.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_7 | — | — |
| microsoft | windows_7 | — | — |
| microsoft | windows_8.1 | — | — |
| microsoft | windows_8.1 | — | — |
| microsoft | windows_rt_8.1 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2 | — | — |
| microsoft | windows_server_2008_r2 | — | — |
| microsoft | windows_server_2008_r2 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012_r2 | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | — | — |
| msrc | windows_7_for_32-bit_systems_service_pack_1 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is triggered by a specially crafted application running in user mode; monitor for user-mode processes performing unusual or unexpected reads of kernel memory space. ↗
- →The disclosed information type is uninitialized/kernel memory readable from user mode; detection should focus on anomalous user-mode to kernel-space memory access patterns. ↗
- ·Exploit status is 'Publicly Disclosed: No; Exploited: No' at time of advisory, but older software releases are rated 'Exploitation More Likely' — prioritize patching on legacy Windows versions. ↗
- ·CVE-2018-8622 is a distinct vulnerability from CVE-2018-8621 and CVE-2018-8477, all of which are Windows Kernel Information Disclosure issues patched in the same update cycle; ensure all three are remediated. ↗
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vulncheck5.5MEDIUM
vendor_msrc4.7MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows Kernel Information Disclosure Vulnerability
vendor_msrc·2018-12-11·CVSS 4.7
CVE-2018-8622 [MEDIUM] Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
An authenticated attacker could exploit this vulnerability by running a specially crafted application.
The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user
GHSA
GHSA-4v5x-6vf6-8x7f: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
ghsa_unreviewed·2022-05-13·CVSS 5.5
CVE-2018-8621 [MEDIUM] GHSA-4v5x-6vf6-8x7f: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8622.
GHSA
GHSA-m5hc-m98g-p285: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
ghsa_unreviewed·2022-05-13·CVSS 5.5
CVE-2018-8477 [MEDIUM] GHSA-m5hc-m98g-p285: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8621, CVE-2018-8622.
GHSA
GHSA-54j4-wcwj-j2g9: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
ghsa_unreviewed·2022-05-13·CVSS 5.5
CVE-2018-8622 [MEDIUM] GHSA-54j4-wcwj-j2g9: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8621.
VulnCheck
Microsoft Windows Kernel Information Disclosure Vulnerability
vulncheck·2018·CVSS 5.5
CVE-2018-8477 [MEDIUM] Microsoft Windows Kernel Information Disclosure Vulnerability
Microsoft Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8621, CVE-2018-8622.
Affected: Microsoft Windows
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.tenable.com/blog/daisy-chaining-how-vulnerabilities-can-be-greater-than
VulnCheck
Microsoft Windows Kernel Information Disclosure Vulnerability
vulncheck·2018·CVSS 5.5
CVE-2018-8622 [MEDIUM] Microsoft Windows Kernel Information Disclosure Vulnerability
Microsoft Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8621.
Affected: Microsoft Windows
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.tenable.com/blog/daisy-chaining-how-vulnerabilities-can-be-greater-than-the-sum-of-their-parts
VulnCheck
Microsoft Windows Kernel Information Disclosure Vulnerability
vulncheck·2018·CVSS 5.5
CVE-2018-8621 [MEDIUM] Microsoft Windows Kernel Information Disclosure Vulnerability
Microsoft Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8622.
Affected: Microsoft Windows
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.tenable.com/blog/daisy-chaining-how-vulnerabilities-can-be-greater-than-the-sum-of-their-parts
No detection rules found.
No public exploits indexed.
2018-12-12
Published
Exploited in the wild