Privilege escalation in Microsoft Windows SMB Server

Published: 2018-01-04 10:08:54
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-0749
CVSSv3 7.5 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-264
Exploitation vector Local
Public exploit Not available
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 8.1
Windows 7
Windows 10
Windows Server 2012
Windows Server 2012 R2
Windows Server 2008
Windows Server 2008 R2
Windows Server 2016
Vendor URL Microsoft

Security Advisory

1) Privilege escalation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an unspecified error in Windows SMB Server, which allows a local user to bypass certain security checks in the operating system while trying to obtain apecially crafted file over the SMB protocol on the same machine. Successful exploitation of the vulnerability may allow an attacker to escalate privileges on the affected system.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0749

Back to List