CVE-2018-7249

HIGH

Microsoft Windows 7 - Race Condition

Title source: rule

Description

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel.

Exploits (1)

nomisec WORKING POC 15 stars

by alonhr · poc

https://github.com/alonhr/NotSecDrv

View Code ZIP pw:eip

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/Elvin9/NotSecDrv/blob/master/README.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.0

EPSS 0.0234

EPSS Percentile 84.9%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-362 CWE-416

Status published

Products (5)

microsoft/windows_7

microsoft/windows_8

microsoft/windows_8.1

microsoft/windows_vista

tivo/safedisc

Published Feb 26, 2018

Tracked Since Feb 18, 2026