Privilege escalation in Microsoft Windows SMB Server

Published: 2018-01-04 10:08:54
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-0749
Exploitation vector Local
Public exploit N/A
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 8.1
Windows 7
Windows 10
Windows Server 2012
Windows Server 2012 R2
Windows Server 2008
Windows Server 2008 R2
Windows Server 2016
Vendor URL Microsoft

Security Advisory

1) Privilege escalation


The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an unspecified error in Windows SMB Server, which allows a local user to bypass certain security checks in the operating system while trying to obtain apecially crafted file over the SMB protocol on the same machine. Successful exploitation of the vulnerability may allow an attacker to escalate privileges on the affected system.


Install updates from vendor's website.

External links

Back to List