What is CVE-2018-8476?

CVE-2018-8476 is a vulnerability in Microsoft Windows 10 Servers. Published 2018-11-14.

Is CVE-2018-8476 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Windows 10 Servers

CVE-2018-8476

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server…

EPSS: 0.633 (99.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows 10 Servers — versions version 1803 (Server Core Installation)
Microsoft Windows Server 2008 — versions 32-bit Systems Service Pack 2, 32-bit Systems Service Pack 2 (Server Core installation), Itanium-Based Systems Service Pack 2
Microsoft Windows Server 2008 R2 — versions Itanium-Based Systems Service Pack 1, x64-based Systems Service Pack 1, x64-based Systems Service Pack 1 (Server Core installation)
Microsoft Windows Server 2012 — versions (Server Core installation)
Microsoft Windows Server 2012 R2 — versions (Server Core installation)
Microsoft Windows Server 2016 — versions (Server Core installation)
Microsoft Windows Server 2019 — versions (Server Core installation)

Public proof-of-concept exploits

alphaSeclab/sec-daily-2019

References

1042109 (vdb-entry, x_refsource_SECTRACK)
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476 (x_refsource_CONFIRM)
105774 (vdb-entry, x_refsource_BID)
research.checkpoint.com/2019/pxe-dust-finding-a-vulnerability-in-windows-server… (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-8476?: CVE-2018-8476 is a vulnerability in Microsoft Windows 10 Servers. Published 2018-11-14.
Is CVE-2018-8476 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.