CVE-2018-0886

HIGH

Microsoft Windows 10 - Authentication Bypass

Title source: rule

Description

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".

Exploits (4)

exploitdb WORKING POC
by Preempt · remotewindows
https://www.exploit-db.com/exploits/44453
github WRITEUP 3,480 stars
by qazbnm456 · poc
https://github.com/qazbnm456/awesome-cve-poc/tree/master/CVE-2018-0886.md
nomisec WORKING POC 269 stars
by preempt · poc
https://github.com/preempt/credssp
github WRITEUP 14 stars
by xbl3 · poc
https://github.com/xbl3/awesome-cve-poc_qazbnm456/tree/master/CVE-2018-0886.md

References (7)

Scores

CVSS v3 7.0
EPSS 0.9100
EPSS Percentile 99.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-287
Status published
Products (16)
microsoft/windows_10
microsoft/windows_10 1511
microsoft/windows_10 1607
microsoft/windows_10 1703
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
... and 6 more
Published Mar 14, 2018
Tracked Since Feb 18, 2026