← back
CVE-2018-0974

CVE-2018-0974

EPSS 3.6%
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 3.6%KEV nãoPoC públicaNuclei Metasploit Patch
Lifecycle
12 Apr 2018Published on NVD
16 Apr 2018Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0975.
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.