What is CVE-2018-8273?

CVE-2018-8273 is a vulnerability in Microsoft Sql Server. Published 2018-08-15.

Is CVE-2018-8273 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Sql Server

CVE-2018-8273

A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.

EPSS: 0.286 (96.6th percentile) — read the EPSS interpretation.

Affected products

Microsoft Sql Server — versions 2016 for x64-based Systems Service Pack 1, 2016 for x64-based Systems Service Pack 1 (CU), 2016 for x64-based Systems Service Pack 2

Public proof-of-concept exploits

References

1041467 (vdb-entry, x_refsource_SECTRACK)
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273 (x_refsource_CONFIRM)
104967 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2018-8273?: CVE-2018-8273 is a vulnerability in Microsoft Sql Server. Published 2018-08-15.
Is CVE-2018-8273 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.