CVE-2018-8406

CVE Published 2018-08-15
Related CWE(s) CWE-404: Improper Resource Shutdown or Release
Related Vendor(s) microsoft
Related Product(s) windows_server_2016, windows_10
Exploitation Reported (CISA KEV) 2022-03-28
CVSS 3 Base Score 7.8 (HIGH)
CVSS 3 Attack Complexity LOW
CVSS 3 Attack Vector LOCAL

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8405.

Cyber Threat Graph Context

Explore how this CVE relates to the wider threat graph

Associated CAPEC Patterns

References