CVE-2018-8253

An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10.

Published: Aug 15, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-8253
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.6
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_10	1607	1607.x

http://www.securityfocus.com/bid/105009
http://www.securitytracker.com/id/1041477
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8253

Vulnerability Database

CVE-2018-8253