CVE-2018-8589 : An elevation of privilege vulnerability exists when Windows improperly handles c

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

Published 2018-11-14 01:29:02

Updated 2025-04-04 15:32:37

Source Microsoft Corporation

View at NVD, CVE.org

Vulnerability category: Gain privilege

Products affected by CVE-2018-8589

Microsoft » Windows Server 2008 » Version: N/A Update SP2
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 Update SP1 For Itanium
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 Update SP1 For X64
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
Matching versions
Microsoft » Windows 7 » Version: N/A Update SP1
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
Matching versions

CVE-2018-8589 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:

Microsoft Win32k Privilege Escalation Vulnerability

CISA required action:

Apply updates per vendor instructions.

CISA description:

A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.

Notes:

https://nvd.nist.gov/vuln/detail/CVE-2018-8589

Added on 2022-05-23 Action due date 2022-06-13

Exploit prediction scoring system (EPSS) score for CVE-2018-8589

EPSS FAQ

5.28%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 89 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-8589

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-02-07
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST	2025-04-04
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2018-8589

http://www.securitytracker.com/id/1042140

Windows Kernel 'Win32k.sys' Lets Local Users Gain Elevated Privileges - SecurityTracker
Third Party Advisory;VDB Entry;Broken Link
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8589

CVE-2018-8589 | Windows Win32k Elevation of Privilege Vulnerability
Patch;Vendor Advisory
http://www.securityfocus.com/bid/105796

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8589 Local Privilege Escalation Vulnerability
Third Party Advisory;VDB Entry;Broken Link

Jump to

Vulnerability Details : CVE-2018-8589

Products affected by CVE-2018-8589

CVE-2018-8589 is in the CISA Known Exploited Vulnerabilities Catalog

Exploit prediction scoring system (EPSS) score for CVE-2018-8589

CVSS scores for CVE-2018-8589

References for CVE-2018-8589