CVE-2018-0952
CVE-2018-0952
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS —EPSS 6.2%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
15 Aug 2018Published on NVD
21 Aug 2018Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers.
Affected products
Microsoft · Microsoft Visual StudioMicrosoft · Windows 10Microsoft · Windows 10 ServersMicrosoft · Windows Server 2016public PoCs found — 3
githubgithub.com/atredispartners/CVE-2018-0952-SystemCollector★ 110cve_referencewww.exploit-db.com/exploits/45244/unverifiedexploitdbwww.exploit-db.com/exploits/45244unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.