CVE-2018-1038

HIGH EXPLOITED

Windows <7 SP1 & <Server 2008 R2 SP1 - Privilege Escalation

Title source: llm

Description

The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."

Exploits (1)

exploitdb WORKING POC

by XPN · clocalwindows

https://www.exploit-db.com/exploits/44581

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/103549

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1040632

[Exploit, Third Party Advisory] https://blog.xpnsec.com/total-meltdown-cve-2018-1038/

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1038

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/44581/

Scores

CVSS v3 7.8

EPSS 0.6128

EPSS Percentile 98.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2018-06-01

Status published

Products (2)

microsoft/windows_7

microsoft/windows_server_2008 r2 sp1

Published Apr 02, 2018

Tracked Since Feb 18, 2026