CVE-2018-8454

MEDIUM

Windows 10 and Windows Server 2016/2019 - Information Disclosure in Audio Service

Title source: llm
STIX 2.1

Description

An information disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory, aka "Windows Audio Service Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105799
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1042122

Scores

CVSS v3 5.5
EPSS 0.0328
EPSS Percentile 86.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (6)
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_server_2016 1709
microsoft/windows_server_2016 1803
microsoft/windows_server_2019
Published Nov 14, 2018
Tracked Since Feb 18, 2026