HTTP: Windows Desktop Bridge CVE-2018-8208 Remote Code Execution
This signature detects an attempt to exploit an Microsoft Windows Desktop Bridge. Successful exploitation could allow an attacker to execute arbitrary code into the user's context.
Extended Description
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214.
Affected Products
Microsoft windows_server_2016
References
CVE: CVE-2018-8208
Short Name
HTTP:STC:DL:CVE-2018-8208-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Bridge CVE-2018-8208 Code Desktop Execution Remote Windows
Release Date
06/11/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Microsoft
CVSS Score
6.9