Vulnerability Details : CVE-2018-8400
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8401, CVE-2018-8405, CVE-2018-8406.
Vulnerability category: Gain privilege
Products affected by CVE-2018-8400
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-8400
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 29 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-8400
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-8400
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-8400
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8400
CVE-2018-8400 | DirectX Graphics Kernel Elevation of Privilege VulnerabilityPatch;Vendor Advisory
-
http://www.securitytracker.com/id/1041461
Microsoft DirectX Graphics Kernel Driver Bugs Let Local Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/105005
Microsoft Windows DirectX Graphics Kernel CVE-2018-8400 Local Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
Jump to