Unrated severityCISA KEVNVD Advisory· Published Aug 15, 2018· Updated Oct 21, 2025

CVE-2018-8414

Description

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.

Affected products

Microsoft/Windows 10 Serversv5
Range: version 1709 (Server Core Installation)
Microsoft/Windows 10v5
Range: Version 1703 for 32-bit Systems

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/105016mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1041458mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.070
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000