CVE-2018-0745

4.7MEDIUM

Key Information:

Vendor: Microsoft
Status: Windows Kernel
Vendor: CVE Published:; 4 January 2018

Summary

The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0746 and CVE-2018-0747.

Affected Version(s)

Windows kernel Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709

References

http://www.securitytracker.com/id/1040097

vdb-entryx_refsource_SECTRACK

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/102353

vdb-entryx_refsource_BID

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 4, 2018
Vulnerability Reserved
Dec 1, 2017

Collectors

NVD DatabaseMitre Database

.