CVE-2018-0986

CVE Database · CVE-2018-0986

CVE-2018-0986

· HIGHModified

CVSS v3.1

8.8

EPSS

61.48%

Published

Apr 4, 2018

Modified

Nov 21, 2024

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Windows Defender - 'mpengine.dll' Memory Corruption TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787

Affected Products (22)

microsoft · exchange_servervulnerable

microsoft · security_essentialsvulnerable

microsoft · forefront_endpoint_protection_2010vulnerable

microsoft · intune_endpoint_protectionvulnerable

microsoft · system_center_endpoint_protectionvulnerable

microsoft · windows_defendervulnerable

microsoft · windows_10