Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2018-8589

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

  • Published: Nov 14, 2018
  • Updated: Nov 4, 2025
  • CVE: CVE-2018-8589
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
microsoft / windows_server_2008 r2-sp1 r2-sp1.x
microsoft / windows_server_2008 --sp2 --sp2.x
microsoft / windows_7 --sp1 --sp1.x