CVE-2018-8589
CVE-2018-8589
Vexday Risk Score
51Attention
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 7.8EPSS 3.0%KEV simPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Nov 2018Published on NVD
23 May 2022Active exploitation (CISA KEV)
Weaponization speed
1286 daysto active exploitation (KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A flaw in Windows' Win32k.sys allows a local user to gain higher privileges than intended, potentially taking complete control of the system. This affects older Windows versions like Windows 7 and Windows Server 2008.
Technical detail
The vulnerability exists in Win32k.sys's improper handling of Win32 API calls, allowing local authenticated attackers to escalate privileges to kernel-level access. Exploitation requires local code execution capability and affects Windows 7, Windows Server 2008, and Windows Server 2008 R2.
Summary generated and translated by AI from the official description.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H