CVE-2018-8405

HIGH KEV RANSOMWARE

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8406.

Exploits (1)

github 175 stars

by wjl110 · javascriptpoc

https://github.com/wjl110/CVE-Master/tree/main/CVE-2018/CVE-2018-8405

View on github

References (4)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/105011

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1041461

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8405

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8405

Scores

CVSS v3 7.8

EPSS 0.4999

EPSS Percentile 97.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-28

VulnCheck KEV 2019-02-19

InTheWild.io 2022-03-28

ENISA EUVD EUVD-2018-20043

Ransomware Use Confirmed

CWE

CWE-404

Status published

Products (11)

microsoft/windows_10_1507 (2 CPE variants)

microsoft/windows_10_1607 (2 CPE variants)

microsoft/windows_10_1703 (2 CPE variants)

microsoft/windows_10_1709 (2 CPE variants)

microsoft/windows_10_1803 (2 CPE variants)

microsoft/windows_8.1

microsoft/windows_rt_8.1

microsoft/windows_server_1709

microsoft/windows_server_1803

microsoft/windows_server_2012 r2

... and 1 more

Published Aug 15, 2018

KEV Added Mar 28, 2022

Tracked Since Feb 18, 2026