CVE-2018-8453

2018-10-10T00:00:00
ID AKB:0A30FB79-83AC-42D6-964B-DD2D15CDC6C2
Type attackerkb
Reporter AttackerKB
Modified 2020-02-13T00:00:00

Description

“An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory” – MITRE description.

Recent assessments:

jrobles-r7 at June 17, 2019 6:51pm UTC reported:

The handling of objects in memory allowed for a double-free of a memory region, which could be used to escalate privileges on a local system. See MSRC link for vulnerable versions and patch information.

The <https://github.com/ze0r/cve-2018-8453-exp> PoC for x86 systems successfully worked for me on Win10 x86 systems. The x64 version did not work for me though.

Assessed Attacker Value: 4space-r7 at June 20, 2019 2:12pm UTC reported:

The handling of objects in memory allowed for a double-free of a memory region, which could be used to escalate privileges on a local system. See MSRC link for vulnerable versions and patch information.

The <https://github.com/ze0r/cve-2018-8453-exp> PoC for x86 systems successfully worked for me on Win10 x86 systems. The x64 version did not work for me though.

Assessed Attacker Value: 4
gwillcox-r7 at November 22, 2020 2:58am UTC reported:

The handling of objects in memory allowed for a double-free of a memory region, which could be used to escalate privileges on a local system. See MSRC link for vulnerable versions and patch information.

The <https://github.com/ze0r/cve-2018-8453-exp> PoC for x86 systems successfully worked for me on Win10 x86 systems. The x64 version did not work for me though.