CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-8414

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score86.8900%
EPSS Percentile95.50th
Published2018年8月15日
Last Modified2025年10月28日

Vulnerability Description

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.

Affected Platforms (CPE)

💻
Microsoft

Windows 10 1703

All versions
💻
Microsoft

Windows 10 1703

All versions
💻
Microsoft

Windows 10 1709

All versions
💻
Microsoft

Windows 10 1709

All versions
💻
Microsoft

Windows 10 1803

All versions
💻
Microsoft

Windows 10 1803

All versions
💻
Microsoft

Windows Server 1709

All versions
💻
Microsoft

Windows Server 1803

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/105016
🔗 http://www.securitytracker.com/id/1041458
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414
🔗 http://www.securityfocus.com/bid/105016
🔗 http://www.securitytracker.com/id/1041458
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8414

関連する脆弱性情報

CVE-2017-85899.8

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 1...

CVE-2017-117719.8

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server...

CVE-2017-85439.8

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R...

CVE-2017-118999.8

Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security featu...