Published: 14/03/2018 Updated: 23/05/2022

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 695

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0880.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 1607
microsoft windows server 2016 -
microsoft windows 10 1703
microsoft windows 10 -
microsoft windows 10 1709
microsoft windows server 1709

Windows: Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write EoP Platform: Windows 1703 (version 1709 seems to have fixed this bug) Class: Elevation of Privilege Summary: The handling of the virtual registry NtLoadKey callback reloads registry hives insecurely leading to arbitrary file creation resulting in EoP Description: NOTE ...

NVD-CWE-noinfo https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0882 http://www.securitytracker.com/id/1040520 http://www.securityfocus.com/bid/103257 https://www.exploit-db.com/exploits/44315/https://nvd.nist.gov https://www.exploit-db.com/exploits/44315/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-0882

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect