“An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory” – MITRE description.
Recent assessments:
jrobles-r7 at June 17, 2019 6:51pm UTC reported:
The handling of objects in memory allowed for a double-free of a memory region, which could be used to escalate privileges on a local system. See MSRC link for vulnerable versions and patch information.
The <https://github.com/ze0r/cve-2018-8453-exp> PoC for x86 systems successfully worked for me on Win10 x86 systems. The x64 version did not work for me though.
space-r7 at June 20, 2019 2:12pm UTC reported:
The handling of objects in memory allowed for a double-free of a memory region, which could be used to escalate privileges on a local system. See MSRC link for vulnerable versions and patch information.
The <https://github.com/ze0r/cve-2018-8453-exp> PoC for x86 systems successfully worked for me on Win10 x86 systems. The x64 version did not work for me though.
gwillcox-r7 at November 22, 2020 2:58am UTC reported:
The handling of objects in memory allowed for a double-free of a memory region, which could be used to escalate privileges on a local system. See MSRC link for vulnerable versions and patch information.
The <https://github.com/ze0r/cve-2018-8453-exp> PoC for x86 systems successfully worked for me on Win10 x86 systems. The x64 version did not work for me though.
Assessed Attacker Value: 4
Assessed Attacker Value: 4Assessed Attacker Value: 4