Unrated severityCISA KEVNVD Advisory· Published May 9, 2018· Updated Oct 21, 2025

CVE-2018-8120

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.

Affected products

Microsoft/Windows Server 2008v5
Range: 32-bit Systems Service Pack 2
Microsoft/Windows 7v5
Range: 32-bit Systems Service Pack 1
Microsoft/Windows Server 2008 R2v5
Range: Itanium-Based Systems Service Pack 1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/45653/mitreexploitx_refsource_EXPLOIT-DB
www.securityfocus.com/bid/104034mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1040849mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8120mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.060