Main Vulnerability Database Exploits ID:6097 - Exploit for Input validation error in Windows and Windows Server - CVE-2018-8550

ID:6097 - Exploit for Input validation error in Windows and Windows Server - CVE-2018-8550

Published: June 17, 2021

Vulnerability identifier: #VU15876

Vulnerability risk: Low

CVE-ID: CVE-2018-8550

CWE-ID: CWE-20

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://www.exploit-db.com/exploits/45893/

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation in Windows COM Aggregate Marshaler when processing interface requests. A local unprivileged user can use this vulnerability in conjunction with another issue to execute arbitrary code on the system with elevated privileges.

Remediation

Install updates from vendor's website.

ID:6097 - Exploit for Input validation error in Windows and Windows Server - CVE-2018-8550

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human