Attacker Value
High
(3 users assessed)
Exploitability
High
(3 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
1

CVE-2018-8453

Disclosure Date: October 10, 2018 Last updated February 13, 2020
Exploited in the Wild
Reported by gwillcox-r7
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

“An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory” – MITRE description.

Add Assessment

1
Ratings
  • Exploitability
    High
Technical Analysis

The handling of objects in memory allowed for a double-free of a memory region, which could be used to escalate privileges on a local system. See MSRC link for vulnerable versions and patch information.

The https://github.com/ze0r/cve-2018-8453-exp PoC for x86 systems successfully worked for me on Win10 x86 systems. The x64 version did not work for me though.

1
Technical Analysis

Reported as exploited in the wild as part of Google’s 2020 0day vulnerability spreadsheet they made available at https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1869060786. Original tweet announcing this spreadsheet with the 2020 findings can be found at https://twitter.com/maddiestone/status/1329837665378725888

General Information

Additional Info

Technical Analysis