Command Injection Vulnerability in Microsoft Wireless Display Adapter
CVE-2018-8306

5.5MEDIUM

Key Information:

Vendor

Microsoft
Status
Microsoft Wireless Display Adapter V2 Software
Vendor
CVE Published:
11 July 2018

What is CVE-2018-8306?

A command injection vulnerability is present in the Microsoft Wireless Display Adapter when user input is improperly managed. This flaw exposes users to the risk of malicious code execution. If exploited, attackers could potentially manipulate the adapter's functionality, leading to unauthorized operations or access. Users of the affected V2 Software are advised to review security guidance and apply necessary updates to mitigate potential risks.

Affected Version(s)

Microsoft Wireless Display Adapter V2 Software Version 2.0.8350

Microsoft Wireless Display Adapter V2 Software Version 2.0.8365

Microsoft Wireless Display Adapter V2 Software Version 2.0.8372

References

http://www.securitytracker.com/id/1041269
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104621
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.