CVE-2018-8140
First published: Thu Jun 14 2018(Updated: )
An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka "Cortana Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows Server 1803 | ||
| Microsoft Windows Server 2016 | =1709 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-8140?
CVE-2018-8140 is classified as an Elevation of Privilege vulnerability.
How do I fix CVE-2018-8140?
To fix CVE-2018-8140, apply the latest security updates provided by Microsoft.
Which versions of Windows are affected by CVE-2018-8140?
CVE-2018-8140 affects Windows 10 versions 1709, 1803, and Windows Server 2016 version 1709.
What is the impact of CVE-2018-8140 if exploited?
If exploited, CVE-2018-8140 can allow an attacker to gain elevated privileges on the affected system.
Is there a workaround for CVE-2018-8140?
There are currently no known workarounds for CVE-2018-8140, so updating your system is recommended.
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/remedy
- agent/references
- agent/severity
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/source
- vendor/microsoft
- canonical/microsoft windows 10
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- canonical/microsoft windows server 1803
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1709