Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2018-0824

Disclosure Date: May 09, 2018 •

CVE-2018-0824 CVSS v3 Base Score: 8.8

Exploited in the Wild

Reported by ccondon-r7
View Source Details

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Metasploit Module

Windows unmarshal post exploitation

Description

A remote code execution vulnerability exists in “Microsoft COM for Windows” when it fails to properly handle serialized objects, aka “Microsoft COM for Windows Remote Code Execution Vulnerability.” This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

8.8 High

Impact Score:

5.9

Exploitability Score:

2.8

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

microsoft

Products

windows 10 1507 -,
windows 10 1607 -,
windows 10 1703 -,
windows 10 1709 -,
windows 10 1803 -,
windows 7 -,
windows 8.1 -,
windows rt 8.1 -,
windows server 1709 -,
windows server 1803 -,
windows server 2008 -,
windows server 2008 r2,
windows server 2012 -,
windows server 2012 r2,
windows server 2016 -

Metasploit Modules

Windows unmarshal post exploitation (https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/escalate/unmarshal_cmd_exec.rb)

Exploited in the Wild

Reported by:

ccondon-r7 indicated source as Government or Industry Alert (https://www.cisa.gov/news-events/alerts/2024/08/05/cisa-adds-one-known-exploited-vulnerability-catalog)

Reported: August 08, 2024 3:50pm UTC (3 months ago)

References

Canonical

CVE-2018-0824 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0824)

BID-104030 (http://www.securityfocus.com/bid/104030)

Advisory

SECTRACK-1040848 (http://www.securitytracker.com/id/1040848)

EXPLOIT-DB-44906 (https://www.exploit-db.com/exploits/44906)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0824

Rapid7

Unknown

CVE-2018-0824

Unknown

Unknown

Required

None

Network

CVE-2018-0824

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Metasploit Modules

Exploited in the Wild

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2018-0824

Unknown

Unknown

Required

None

Network

CVE-2018-0824

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Metasploit Modules

Exploited in the Wild

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification