Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2018-8439

UNKNOWN
Published 2018-09-13T00:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-8439. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0965.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Microsoft

Windows Server 2012 R2

Affected Versions:

(Server Core installation)
Microsoft

Windows RT 8.1

Affected Versions:

Windows RT 8.1
Microsoft

Windows Server 2016

Affected Versions:

(Server Core installation)
Microsoft

Windows 8.1

Affected Versions:

x64-based systems
Microsoft

Windows 10

Affected Versions:

Version 1607 for x64-based Systems Version 1703 for x64-based Systems Version 1709 for x64-based Systems Version 1803 for x64-based Systems x64-based Systems
Microsoft

Windows 10 Servers

Affected Versions:

version 1709 (Server Core Installation) version 1803 (Server Core Installation)

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-wq5x-2crp-vhr7

Advisory Details

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0965.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-8439
WEB https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8439
WEB http://www.securityfocus.com/bid/105233
WEB http://www.securitytracker.com/id/1041624

Advisory provided by GitHub Security Advisory Database. Published: May 14, 2022, Modified: May 14, 2022

References

http://www.securityfocus.com/bid/105233
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8439
http://www.securitytracker.com/id/1041624
Published: 2018-09-13T00:00:00
Last Modified: 2024-08-05T06:54:36.447Z
Copied to clipboard!