CVE-2018-0599

7.8HIGH

Key Information:

Vendor: Microsoft
Status: The Installer Of Visual C++ Redistributable
Vendor: CVE Published:; 26 June 2018

Summary

Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected Version(s)

The installer of Visual C++ Redistributable = unspecified

References

https://blogs.technet.microsoft.com/srd/2018/04/04/triagi...

x_refsource_MISC

http://jvn.jp/en/jp/JVN81196185/index.html

third-party-advisoryx_refsource_JVN

EPSS Score

2% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2018
Vulnerability Reserved
Nov 27, 2017

Collectors

NVD DatabaseMitre Database