CVE-2018-8414

high

Description

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414

http://www.securitytracker.com/id/1041458

http://www.securityfocus.com/bid/105016

Details

Source: MITRE

Published: 2018-08-15

Updated: 2022-05-23

Type: CWE-20

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH