CVE-2018-8172

HIGH

Expression Blend 4 - Remote Code Execution via Unbuilt Project File

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-8172. PoCs published by SyFi, 0x1.

Description

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.

Exploits (2)

nomisec WRITEUP 3 stars
by SyFi · poc
https://github.com/SyFi/CVE-2018-8172

This repository contains a README referencing CVE-2018-8172, a remote code execution vulnerability in Microsoft Visual Studio. It provides links to external resources but lacks actual exploit code or technical details.

Classification: Writeup 90%
Attack Type: RCE
Complexity: Theoretical
Reliability: Theoretical
Target: Microsoft Visual Studio
No auth needed
Prerequisites: Access to a vulnerable version of Microsoft Visual Studio
devstral-2 · analyzed Feb 16, 2026

gitlab SUSPICIOUS
by 0x1 · poc
https://gitlab.com/0x1/CVE-2018-8172

The repository contains no exploit code, only a README with a link to an external blog post and a Twitter handle. This is characteristic of a social engineering lure rather than a legitimate PoC.

Classification: Suspicious 90%
Attack Type: Other
Complexity: Theoretical
Reliability: Theoretical
Target: Microsoft Visual Studio
No auth needed
Prerequisites: none provided
devstral-2 · analyzed Feb 23, 2026

References (3)

Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041253
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/104616

Scores

CVSS v3 7.8
EPSS 0.3102
EPSS Percentile 98.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (9)
microsoft/expression_blend 2 sp2
microsoft/expression_blend 3 sp1
microsoft/expression_blend 4 sp3
microsoft/visual_studio 2010 sp1
microsoft/visual_studio 2012 update_5
microsoft/visual_studio 2013 update_5
microsoft/visual_studio 2015 update3
microsoft/visual_studio_2017
microsoft/visual_studio_2017 15.7.5
Published Jul 11, 2018
Tracked Since Feb 18, 2026