CVE-2018-8468

MEDIUM

Windows - Elevation of Privilege via Sandbox Escape

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-8468. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages a vulnerability in Microsoft Edge (CVE-2018-8469) to achieve remote code execution by chaining multiple stages: bypassing URL checks to spawn a privileged content process, redirecting to Internet Explorer via a compatibility view list domain, and executing arbitrary files via a crafted LNK file.

Description

An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textremotewindows

https://www.exploit-db.com/exploits/45502

View Code ZIP pw:eip

This exploit leverages a vulnerability in Microsoft Edge (CVE-2018-8469) to achieve remote code execution by chaining multiple stages: bypassing URL checks to spawn a privileged content process, redirecting to Internet Explorer via a compatibility view list domain, and executing arbitrary files via a crafted LNK file.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Microsoft Edge (Build 17692.rs_prerelease.180609-1317)

No auth needed

Prerequisites: Remote machine with Samba and HTTP server · Domain in IE compatibility view list · Hardcoded offsets for specific build

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution T1218 - System Binary Proxy Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/105275

Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/45502/

Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8468

Scores

CVSS v3 4.7

EPSS 0.1177

EPSS Percentile 95.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Details

Status published

Products (15)

microsoft/windows_10

microsoft/windows_10 1607

microsoft/windows_10 1703

microsoft/windows_10 1709

microsoft/windows_10 1803

microsoft/windows_7

microsoft/windows_8.1

microsoft/windows_rt_8.1

microsoft/windows_server_2008

microsoft/windows_server_2008 r2 sp1

... and 5 more

Published Sep 13, 2018

Tracked Since Feb 18, 2026