CVE-2018-0824CISA KEV: Actively Exploited

Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability

Published Aug 5, 2024·Updated Aug 5, 2024

Description

Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or script.

Public Exploits & PoCs1 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free