Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-0846: Windows Common Log File System Driver Elevation of Privilege Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2018-0846: Windows Common Log File System Driver Elevation of Privilege Vulnerability

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

02/13/2018

Created

07/25/2018

Added

02/13/2018

Modified

11/18/2021

Description

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory.

Solution(s)

msft-kb4073079-67ee973a-e1bb-469c-8968-5109c831be12
msft-kb4073079-8e87cdd4-535b-434a-8a7d-62f8113c9ae4
msft-kb4073079-b69368cd-0f76-4d70-b164-f814210cc4d2
msft-kb4074587-038b7343-567a-489c-9a7b-99359061b585
msft-kb4074587-12655426-1147-4823-a167-6924f81938a4
msft-kb4074587-4301df02-71e1-42bc-8c03-4cc5bdb33240
msft-kb4074587-69e514c5-3b93-4b7f-85cc-fceefccd381f
msft-kb4074587-6c08b956-dc76-4828-8c5f-1e3d390135f9
msft-kb4074587-ae42a70d-ccc6-4ef7-9590-db44662ef5c0
msft-kb4074588-11adea10-0701-430e-954f-9471595ae246
msft-kb4074588-9fc64b01-2edc-40c8-bf0d-ee3540c741f8
msft-kb4074588-aa46db4d-865e-48e7-9fe8-3ffedda76530
msft-kb4074589-0988c161-fcc9-4a26-8f86-fe981b5e3a64
msft-kb4074589-0f25d490-4286-470c-8d1d-6a9ad4106b42
msft-kb4074589-91ffcd5b-5628-49af-92f5-ed9babfde70d
msft-kb4074590-c7d8f24b-1f39-4a05-b66d-d0cda05ff280
msft-kb4074590-e990e36e-fd8f-411d-a9c1-1198447a26ce
msft-kb4074590-f5f58231-ac5d-4640-ab1b-9dc8d857c265
msft-kb4074591-041d42cd-eb65-4d43-a835-f5d2f502cc2d
msft-kb4074591-fa465771-aa6c-4594-9759-1bfb7eeab6b3
msft-kb4074592-2a7e4366-e91e-4b45-8775-bfc7ab0a86b0
msft-kb4074592-ffc8aa26-baed-4b03-84de-a404e624d747
msft-kb4074596-79ac13e4-3a09-40b9-9c96-be5ae591b174
msft-kb4074596-a5382994-9de3-4a69-ab0e-0ec90626f58a
msft-kb4074597-e23ec185-3ead-4c5c-bd1e-a9058cc7c06b
msft-kb4074597-ef515c36-d5d5-4d6d-8413-fdced1c51834
msft-kb4074597-f5df629a-edb7-49f1-946d-18e4f0a860f0

References

https://attackerkb.com/topics/cve-2018-0846
CVE - 2018-0846
4073079
4074587
4074588
4074589
4074590
4074591
4074592
4074593
4074594
4074596
4074597
4074598

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-0846: Windows Common Log File System Driver Elevation of Privilege Vulnerability

Microsoft CVE-2018-0846: Windows Common Log File System Driver Elevation of Privilege Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.