Vulnerability identifier: #VU15249

Vulnerability risk: Medium

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2018-8453

CWE-ID: CWE-416

Exploitation vector: Local

Exploits in database: 3

• June 17, 2021
  • Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit) [Exploit-DB]
• June 2, 2020
  • WindowsExploitationResources (Resources pertaining to advanced Windows exploit development and semi-related topics) [Github]
• March 18, 2020
  • Windows NtUserSetWindowFNID Win32k User Callback [Metasploit]

Impact: Code execution

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft