CVE-2018-0743

HIGH

Windows Subsystem for Linux <1709 - Privilege Escalation

Title source: llm

Description

Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability".

Exploits (1)

exploitdb WORKING POC VERIFIED

by Saar Amar · clocalwindows

https://www.exploit-db.com/exploits/43962

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/102350

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1040094

[Exploit, Patch, Third Party Advisory] https://github.com/saaramar/execve_exploit

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0743

[Third Party Advisory] https://twitter.com/AmarSaar/status/948892321755598848

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/43962/

Scores

CVSS v3 7.0

EPSS 0.0663

EPSS Percentile 91.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (3)

microsoft/windows_10 1703

microsoft/windows_10 1709

microsoft/windows_server_2016 1709

Published Jan 04, 2018

Tracked Since Feb 18, 2026