Vulnerability Details : CVE-2018-8476
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers.
Vulnerability category: OverflowExecute code
Products affected by CVE-2018-8476
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-8476
19.95%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-8476
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2018-8476
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-8476
-
http://www.securityfocus.com/bid/105774
Microsoft Windows Deployment Services TFTP Server CVE-2018-8476 Remote Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1042109
Windows Deployment Services TFTP File Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476
CVE-2018-8476 - Security Update Guide - Microsoft - Windows Deployment Services TFTP Server Remote Code Execution VulnerabilityPatch;Vendor Advisory
-
https://research.checkpoint.com/2019/pxe-dust-finding-a-vulnerability-in-windows-servers-deployment-services/
PXE Dust: Finding a Vulnerability in Windows Servers Deployment Services - Check Point Research
Jump to