The vulnerability was used by the APT28 team along with another zero-day, CVE-2017-0262.
Vulnerable component: Windows
CVSSv3 score: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C
CWE-ID: CWE-20 - Improper Input Validation
The vulnerability allows a local user to elevate privileges on the system.
The vulnerability exists due to a boundary error in the Win32k.sys driver. A local user can escalate privileges on the system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Note: this vulnerability is being actively exploited.
Latest references in media:
- FruityArmor APT Exploits Yet Another Windows Graphics Kernel Flaw [2018-10-11 00:00:11]
- CVE-2018-8453 Zero-Day flaw exploited by FruityArmor APT in attacks aimed at Middle East [2018-10-10 15:50:08]
- Windows Zero-Day Exploited in Attacks Aimed at Middle East [2018-10-10 10:10:07]
- Zero-day exploit (CVE-2018-8453) used in targeted attacks [2018-10-10 09:00:52]
- New Silence hacking group suspected of having ties to cyber-security industry | ZDNet [2018-09-05 13:30:10]
- Malicious PDF Leads to Discovery of Adobe Reader, Windows Zero-Days [2018-05-16 14:43:31]
- A Slice of 2017 Sofacy Activity [2018-02-20 15:10:22]
- Don't Fall Victim to IP Theft and Corporate Espionage [2018-02-01 13:51:09]
- Russian Cyberspies Are Rushing to Exploit Recent Flash 0-Day Before It Goes Cold [2017-10-20 11:02:17]
- Kaspersky Details APT Trends for Q2 2017 [2017-08-10 20:00:48]
- Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution [2017-05-23 23:40:40]
- Microsoft’s New Security Update Guides Get Mixed Reviews [2017-05-11 21:01:05]
- Cisco Patches IOS XE Vulnerability Leaked in Vault 7 Dump [2017-05-10 16:10:58]
- Microsoft Addresses Zero-Day Vulnerability Ahead of Patch Tuesday [2017-05-10 12:40:21]
- No Let Up for Admins as Microsoft Patches 56 Vulnerabilities [2017-05-10 12:20:09]
- Microsoft Security Updates for May 2017 Include Fixes for Four Zero-Days [2017-05-10 11:10:43]
- 3 of 4 Zero-Days Microsoft Patched Yesterday Were Used by Russian Cyberspies [2017-05-10 11:10:43]
- Microsoft Patch Tuesday updates for May 2017 fix Zero Days exploited by Russian APT groups [2017-05-10 08:30:21]
- Microsoft Patches Zero-Days Exploited by Russia-Linked Hackers [2017-05-10 06:10:23]
- It's 2017 and Windows PCs are being owned by EPS files, webpages [2017-05-10 00:10:01]
- Microsoft fixes 55 flaws, 3 of them exploited by Russian cyberspies [2017-05-09 23:50:59]
- Microsoft fixes 55 vulnerabilities, 3 exploited by Russian cyberspies [2017-05-09 23:30:02]
- Microsoft Plugs Three Zero Day Holes as Part of May Patch Tuesday [2017-05-09 23:20:24]
- Microsoft Security Updates for May 2017 Include Fixes for Three Zero-Days [2017-05-09 22:40:34]
- EPS Processing Zero-Days Exploited by Multiple Threat Actors [2017-05-09 19:20:17]