{"api_version":"1","generated_at":"2026-05-06T19:36:29+00:00","cve":"CVE-2018-8233","urls":{"html":"https://cve.report/CVE-2018-8233","api":"https://cve.report/api/cve/CVE-2018-8233.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-8233","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-8233"},"summary":{"title":"CVE-2018-8233","description":"An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \"Win32k Elevation of Privilege Vulnerability.\" This affects Windows 10, Windows 10 Servers.","state":"PUBLIC","assigner":"secure@microsoft.com","published_at":"2018-06-14 12:29:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["CWE-404"],"metrics":[],"references":[{"url":"http://www.securitytracker.com/id/1041093","name":"1041093","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"Windows Kernel Multiple Flaws Let Local Users Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8233","name":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8233","refsource":"CONFIRM","tags":["Patch","Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/104383","name":"104383","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8233 Local Privilege Escalation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-8233","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8233","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"8233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_10","cpe6":"1803","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8233","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_10","cpe6":"1803","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_server_2016","cpe6":"1803","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8233","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_server_2016","cpe6":"1803","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@microsoft.com","ID":"CVE-2018-8233","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Windows 10","version":{"version_data":[{"version_value":"Version 1803 for 32-bit Systems"},{"version_value":"Version 1803 for x64-based Systems"}]}},{"product_name":"Windows 10 Servers","version":{"version_data":[{"version_value":"version 1803  (Server Core Installation)"}]}}]},"vendor_name":"Microsoft"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \"Win32k Elevation of Privilege Vulnerability.\" This affects Windows 10, Windows 10 Servers."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Elevation of Privilege"}]}]},"references":{"reference_data":[{"name":"1041093","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1041093"},{"name":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8233","refsource":"CONFIRM","url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8233"},{"name":"104383","refsource":"BID","url":"http://www.securityfocus.com/bid/104383"}]}},"nvd":{"publishedDate":"2018-06-14 12:29:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["CWE-404"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"8233","Ordinal":"124588","Title":"CVE-2018-8233","CVE":"CVE-2018-8233","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"8233","Ordinal":"1","NoteData":"An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \"Win32k Elevation of Privilege Vulnerability.\" This affects Windows 10, Windows 10 Servers.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"8233","Ordinal":"2","NoteData":"2018-06-14","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"8233","Ordinal":"3","NoteData":"2018-06-15","Type":"Other","Title":"Modified"}]}}}