KEV Entry

CVE-2018-8639

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability
Entry Details
Confirmed Exploited

CVE-2018-8639

2025-03-03 00:00 UTC

Timestamps

2025-03-03

2025-03-03

Scope

KEVIntel entry: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k... | Affected: Microsoft / Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers | CVSS: 7.8 (HIGH) | Used in malware: yes | Not yet in CISA KEV: False

References
  • {'id': 'CVE-2018-8639', 'url': 'https://www.cve.org/CVERecord?id=CVE-2018-8639'}
  • {'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2018-8639'}

46adb466-1996-4329-b65c-8feb816563e0

caeb2787-0d58-4236-9039-7c86c3e566f3

2026-06-23 11:14 UTC

2026-06-23 11:14 UTC

Evidence
1
Type Source Signal Confidence Details GCVE Metadata
public_report kevintel confirmed_compromise 0.70
View details 
{
  "added_date": "2025-03-03T00:00:00.000Z",
  "ahead_of_cisa_kev": null,
  "cvss_score": 7.8,
  "cvss_severity": "HIGH",
  "epss_percentile": null,
  "epss_score": null,
  "feed": "KEVIntel (kevintel.com)",
  "not_yet_in_cisa_kev": false,
  "product": "Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers",
  "title": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \"Win32k...",
  "used_in_malware": "yes",
  "vendor": "Microsoft"
}
 -
Export Options
JSON Object JSON API View Full Catalog