ID:2243 - Exploit for Buffer overflow in Windows Server and Windows - CVE-2018-8120

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:2243 - Exploit for Buffer overflow in Windows Server and Windows - CVE-2018-8120

ID:2243 - Exploit for Buffer overflow in Windows Server and Windows - CVE-2018-8120

Published: March 31, 2020


Vulnerability identifier: #VU12457
Vulnerability risk: High
CVE-ID: CVE-2018-8120
CWE-ID: CWE-119
Exploitation vector: Local access
Vulnerable software:
Windows Server
Windows

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to boundary error in win32k.sys driver. A local user can execute arbitrary code with SYSTEM privileges.

Note: this vulnerability is being actively exploited in limited targeted attacks.


Remediation

Install updates from vendor's website.