Lucene search
MicrosoftVULNRICHMENT:CVE-2018-0824HistoryMay 09, 2018 - 7:00 p.m.
CVE-2018-0824
2018-05-0919:00:00
microsoft
github.com
7
AI Score
8.6
Confidence
Low
EPSS
0.97
Percentile
99.8%
SSVC
Exploitation
active
Automatable
no
Technical Impact
total
A remote code execution vulnerability exists in âMicrosoft COM for Windowsâ when it fails to properly handle serialized objects, aka âMicrosoft COM for Windows Remote Code Execution Vulnerability.â This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_10",
"versions": [
{
"status": "affected",
"version": "1607"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_10",
"versions": [
{
"status": "affected",
"version": "1703"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_10",
"versions": [
{
"status": "affected",
"version": "1709"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_10",
"versions": [
{
"status": "affected",
"version": "1803"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_7",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_8.1",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_rt_8.1",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*"
],
"vendor": "microsoft",
"product": "windows_server_2008",
"versions": [
{
"status": "affected",
"version": "r2"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*"
],
"vendor": "microsoft",
"product": "windows_server_2008",
"versions": [
{
"status": "affected",
"version": "r2"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_server_2012",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_server_2012",
"versions": [
{
"status": "affected",
"version": "r2"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_server_2016",
"versions": [
{
"status": "affected",
"version": "1709"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_server_2016",
"versions": [
{
"status": "affected",
"version": "1803"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_10",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_server_2016",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"
],
"vendor": "microsoft",
"product": "windows_server_2008",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "unknown"
}
]Related
prion
prion
Remote code execution
2018-05-09 19:29:00
cvelist
cvelist
CVE-2018-0824
2018-05-09 19:00:00
cve
cve
CVE-2018-0824
2018-05-09 19:29:00
talosblog
talosblog
mskb
mskb
May 8, 2018âKB4103726 (Security-only update)
2018-05-08 07:00:00
May 8, 2018âKB4103712 (Security-only update)
2018-05-08 07:00:00
metasploit
metasploit
Windows unmarshal post exploitation
2018-10-19 23:15:44
cisa_kev
cisa_kev
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability
2024-08-05 00:00:00
symantec
symantec
Microsoft Windows CVE-2018-0824 Remote Code Execution Vulnerability
2018-05-08 00:00:00
attackerkb
attackerkb
CVE-2018-0824
2018-05-09 00:00:00
mscve
mscve
Microsoft COM for Windows Remote Code Execution Vulnerability
2018-05-08 07:00:00
nvd
nvd
CVE-2018-0824
2018-05-09 19:29:00
exploitpack
exploitpack
Microsoft COM for Windows - Privilege Escalation
2018-06-18 00:00:00
zdt
zdt
Microsoft COM for Windows - Privilege Escalation Exploit
2018-06-19 00:00:00
canvas
canvas
Immunity Canvas: UNMARSHAL_TO_SYSTEM
2018-09-07 14:29:00
exploitdb
exploitdb
Microsoft COM for Windows - Privilege Escalation
2018-06-18 00:00:00
thn
thn
Google Patches New Android Kernel Vulnerability Exploited in the Wild
2024-08-06 06:12:00
nessus
nessus
Security Updates for Windows Server 2008 (May 2018)
2018-05-09 00:00:00
KB4103726: Windows Server 2012 May 2018 Security Update
2018-05-08 00:00:00
KB4103712: Windows 7 and Windows Server 2008 R2 May 2018 Security Update
2018-05-08 00:00:00
kaspersky
kaspersky
KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)
2018-05-08 00:00:00
KLA11241 Multiple vulnerabilities in Microsoft Windows
2018-05-08 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4103718)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103725)
2018-05-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4103716)
2018-05-09 00:00:00
trendmicroblog
trendmicroblog
AI Score
8.6
Confidence
Low
EPSS
0.97
Percentile
99.8%
SSVC
Exploitation
active
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2018-0824