Main Vulnerability Database Vulnerabilities #VU11062

XXE attack in Windows and Windows Server - CVE-2018-0878

Published: March 13, 2018 / Updated: June 17, 2021

Vulnerability identifier: #VU11062

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2018-0878

CWE-ID: CWE-611

Exploitation vector: Remote access

Exploit availability: Public exploit is available

Vendor: Microsoft

Affected software:
Windows
Windows Server

Detailed vulnerability description

The vulnerability allows a remote attacker to perform XXE attack on the target system.

The vulnerability exists due to Windows Remote Assistance incorrectly processes XML External Entities (XXE). A remote attacker can send a specially crafted Remote Assistance invitation file to a user and then steal text files from known locations on the victim's machine, under the context of the user, or alternatively, steal text information from URLs accessible to the victim.

How to mitigate CVE-2018-0878

Install updates from vendor's website.

Sources

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0878

XXE attack in Windows and Windows Server - CVE-2018-0878

Detailed vulnerability description

How to mitigate CVE-2018-0878

Sources

Please verify you're human