CVE-2018-8612

MEDIUM

Windows 10 and Windows Server 2016/2019 - Denial of Service in Connected User Experiences and Telemetry Service

Title source: llm
STIX 2.1

Description

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106087

Scores

CVSS v3 5.5
EPSS 0.0138
EPSS Percentile 68.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (9)
microsoft/windows_10 1607
microsoft/windows_10 1703
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_server_2016
microsoft/windows_server_2016 1709
microsoft/windows_server_2016 1803
microsoft/windows_server_2019
Published Dec 12, 2018
Tracked Since Feb 18, 2026