CVE-2018-8140
CVE-2018-8140
Vexday Risk Score
25Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS —EPSS 1.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Jun 2018Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka "Cortana Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10.