VDB
CVE-2018-0824
CVE-2018-0824
PUBLISHED
KEV
CVSS 8.800000190734863 HIGH
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
EPSS 91.51% · 99.7th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
91.51%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_8.1 | 0 |
| microsoft | windows_server_2016 | |
| n/a | n/a | * |
| microsoft | windows_rt_8.1 | 0 |
| microsoft | windows_server_2016 | 1709, 0, 1803 |
| microsoft | windows_server_1709 | |
| microsoft | windows_rt_8.1 | |
| microsoft | windows_server_2008 | r2, r2, r2 |
| microsoft | windows_7 | 0 |
| microsoft | windows_10_1607 | |
| microsoft | windows_server_2012 | r2, 0 |
| microsoft | windows_10_1709 | |
| microsoft | windows_10 | 1607, 1703, 0 |
| microsoft | windows_10_1507 | |
| microsoft | windows_server_2012 | r2, *, r2 |
| microsoft | windows_10_1703 | |
| microsoft | windows_10_1803 | |
| microsoft | windows_server_1803 | |
| microsoft | windows_server_2008 | 0, r2, r2 |
| microsoft | windows_7 |
…and 1 more
Exploit Intelligence
- POC for CVE-2018-0824 (github-poc-repo)
- POC for CVE-2018-0824 (github-poc-repo)
- POC for CVE-2018-0824 (github-poc-repo)
- POC for CVE-2018-0824 (github-poc-repo)
- POC for CVE-2018-0824 (github-poc-repo)
- POC for CVE-2018-0824 (github-poc-repo)
- POC for CVE-2018-0824 (github-poc)
- POC for CVE-2018-0824 (github-poc)
- POC for CVE-2018-0824 (github-poc)
- POC for CVE-2018-0824 (github-poc)
…and 55 more exploits
Timeline
- Jan 18, 1970 VulnCheck XDB Entry
- May 9, 2018 CVE Published
- Jun 19, 2018 PoC Published
- Oct 25, 2018 PoC Published
- Apr 14, 2021 EPSS Score
- Sep 14, 2021 EPSS Score
- Sep 16, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Oct 13, 2022 PoC Published
- May 3, 2023 EPSS Score
- May 8, 2023 EPSS Score
- May 21, 2023 EPSS Score
References
- 1040848 vdb
- 44906 exploit
- 104030 vdb
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0824 url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0824 url
- https://nvd.nist.gov/vuln/detail/CVE-2018-0824 advisory
- https://www.exploit-db.com/exploits/44906 url
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory