High severity7.8NVD Advisory· Published Aug 15, 2018· Updated Jun 17, 2026
CVE-2018-8343
CVE-2018-8343
Description
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8342.
Affected products
10- Range: 32-bit Systems
- Range: version 1709 (Server Core Installation)
- Range: 32-bit systems
- Range: Windows RT 8.1
- Range: Itanium-Based Systems Service Pack 1
(Server Core installation)+ 1 more
- (no CPE)range: (Server Core installation)
- (no CPE)range: (Server Core installation)
- Range: (Server Core installation)
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/104982nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041466nvdThird Party AdvisoryVDB Entry
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8343nvdVendor Advisory
News mentions
0No linked articles in our index yet.