#VU16486 Privilege escalation in Windows and Windows Server - CVE-2018-8599

Cybersecurity Help s.r.o.

Published: 2018-12-11

Vulnerability identifier: #VU16486

Vulnerability risk: Low

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-8599

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft

Description
The vulnerability allows a remote attacker to gain elevated privileges.

The weakness exists due to an error when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. A remote attacker can gain elevated privileges.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1607 10.0.14393.10, 10 1703 10.0.15063.138, 10 1709 10.0.16299.19, 10 1803 10.0.17134.48, 10 1809 10.0.17763.1, 10

Windows Server: 2016 10.0.14393.10, 2019 10.0.17763.1 - 2019 1803

External links
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8599

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Privilege escalation in Visual Studio

Privilege escalation in Diagnostics Hub Standard Collector Service