CVE-2018-8440

HIGH KEV RANSOMWARE

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Exploits (2)

nomisec WORKING POC 80 stars
by sourceincite · local
https://github.com/sourceincite/CVE-2018-8440
metasploit WORKING POC NORMAL
by SandboxEscaper, bwatters-r7, asoto-r7, Jacob Robles · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/alpc_taskscheduler.rb

References (6)

Scores

CVSS v3 7.8
EPSS 0.7543
EPSS Percentile 98.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-28
VulnCheck KEV 2018-09-05
InTheWild.io 2018-09-11
ENISA EUVD EUVD-2018-20076
Ransomware Use Confirmed
Status published
Products (12)
microsoft/windows_10_1607
microsoft/windows_10_1703
microsoft/windows_10_1709
microsoft/windows_10_1803
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1
microsoft/windows_server_2012
... and 2 more
Published Sep 13, 2018
KEV Added Mar 28, 2022
Tracked Since Feb 18, 2026