← back
CVE-2018-8637

CVE-2018-8637

EPSS 1.8%◆ VulnCheck KEV
Vexday Risk Score
25Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 1.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
12 Dec 2018Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.