CVE-2018-8406: Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability
First published: Wed Aug 15 2018(Updated: )
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8405.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft DirectX Graphics Kernel | ||
| Windows 10 | ||
| Windows 10 | =1607 | |
| Windows 10 | =1703 | |
| Windows 10 | =1709 | |
| Windows 10 | =1803 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1709 | |
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows Server | ||
| Microsoft Windows Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-8406?
CVE-2018-8406 has a severity rating of Important, indicating a significant risk for impact on affected systems.
How do I fix CVE-2018-8406?
To mitigate CVE-2018-8406, it is advised to apply the latest security updates provided by Microsoft for the affected versions of Windows 10 and Windows Server 2016.
Which systems are affected by CVE-2018-8406?
CVE-2018-8406 affects various versions of Windows 10 and Windows Server 2016, including versions 1607, 1703, 1709, and 1803.
What type of vulnerability is CVE-2018-8406?
CVE-2018-8406 is classified as an elevation of privilege vulnerability impacting the DirectX Graphics Kernel.
Can CVE-2018-8406 be exploited remotely?
CVE-2018-8406 requires local access to exploit, meaning an attacker must log onto the system to exploit this vulnerability.
- agent/type
- agent/description
- agent/title
- agent/weakness
- agent/remedy
- agent/first-publish-date
- agent/references
- agent/author
- agent/event
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/severity
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- agent/tags
- collector/nvd-api
- agent/last-modified-date
- agent/softwarecombine
- vendor/microsoft
- canonical/microsoft directx graphics kernel
- canonical/windows 10
- version/windows 10/1607
- version/windows 10/1703
- version/windows 10/1709
- version/windows 10/1803
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1709
- version/microsoft windows server 2016/1803
- canonical/microsoft windows 10
- canonical/microsoft windows server