Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

lundi 8 octobre 2018

Microsoft Windows up to Server 1803 Hyper-V memory corruption

A vulnerability, which was classified as critical, has been found in Microsoft Windows. This issue affects an unknown function of the component Hyper-V. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. Impacted is confidentiality, integrity, and availability.

The weakness was presented 10/09/2018 as confirmed security update guide (Website). The advisory is shared at portal.msrc.microsoft.com. The public release was coordinated in cooperation with Microsoft. The identification of this vulnerability is CVE-2018-8489. The attack may be initiated remotely. A single authentication is necessary for exploitation. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $25k-$100k at the moment (estimation calculated on 10/10/2018). The advisory points out:

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.

See 125091, 125092, 125096 and 125097 for similar entries.

CPE

CVSSv3

VulDB Meta Base Score: 8.4
VulDB Meta Temp Score: 8.2

VulDB Base Score: 9.1
VulDB Temp Score: 8.7
VulDB Vector: 🔒
VulDB Reliability: 🔍

Vendor Base Score (Microsoft): 7.6
Vendor Vector (Microsoft): 🔒

CVSSv2

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍

Exploiting

Class: Memory corruption (CWE-119)
Local: No
Remote: Yes

Availability: No

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligence

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Actions: 🔍

Countermeasures

Recommended: Patch
Status: Official fix
Reaction Time: 🔒
0-Day Time: 🔒
Exposure Time: 🔒

Timeline

10/09/2018 Advisory disclosed
10/09/2018 Countermeasure disclosed
10/10/2018 VulDB entry created
10/10/2018 VulDB last update

Sources

Advisory: portal.msrc.microsoft.com
Status: Confirmed
Coordinated: 🔒

CVE: CVE-2018-8489 (🔒)
scip Labs: https://www.scip.ch/en/?labs.20161215
See also: 🔒

Entry

Created: 10/10/2018
Complete: 🔍

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 223

x

Événements SSI