Vulnerability Details : CVE-2018-0986
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.
Vulnerability category: Memory Corruption, Execute code
Products affected by CVE-2018-0986
- cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*
- cpe:2.3:a:microsoft:exchange_server:2013:-:*:*:*:*:*:*
- cpe:2.3:a:microsoft:windows_defender:-:*:*:*:*:*:*:*
  - When used together with: Microsoft » Windows 8.1
  - When used together with: Microsoft » Windows Rt 8.1
  - When used together with: Microsoft » Windows Server 2012
  - When used together with: Microsoft » Windows Server 2016
- cpe:2.3:a:microsoft:security_essentials:-:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:forefront_endpoint_protection_2010:-:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:intune_endpoint_protection:-:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:system_center_endpoint_protection:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:system_center_endpoint_protection:2012:-:*:*:*:*:*:*
- cpe:2.3:a:microsoft:system_center_endpoint_protection:2012:r2:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-0986
- 89.42%: Probability of exploitation activity in the next 30 days
- ~ 99 %: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-0986
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | |
CWE ids for CVE-2018-0986
- The product writes data past the end, or before the beginning, of the intended buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-0986
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986
  CVE-2018-0986 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability (Patch; Vendor Advisory)
- https://www.exploit-db.com/exploits/44402/
  Microsoft Windows Defender - 'mpengine.dll' Memory Corruption (Exploit; Third Party Advisory; VDB Entry)
- http://www.securitytracker.com/id/1040631
  Microsoft Windows Defender File Processing Memory Corruption Error Lets Remote Users Execute Arbitrary Code - SecurityTracker (Third Party Advisory; VDB Entry)
- http://www.securityfocus.com/bid/103593
  Microsoft Malware Protection Engine CVE-2018-0986 Remote Code Execution Vulnerability (Third Party Advisory; VDB Entry)