CVE-2018-0843

MEDIUM

Windows 10 1709 and Windows Server 2016 1709 - Kernel Information Disclosure via Memory Object Handling

Title source: llm
STIX 2.1

Description

The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and CVE-2018-0820.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040373
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102951

Scores

CVSS v3 4.7
EPSS 0.0213
EPSS Percentile 79.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
microsoft/windows_10 1709
microsoft/windows_server_2016 1709
Published Feb 15, 2018
Tracked Since Feb 18, 2026