CVE-2018-8589
Microsoft Win32k Privilege Escalation Vulnerability
CVSS
—
No CVSS
EPSS
3.0%
p86
KEV
YES
May 23, 2022
Exploit Today
76
0-100
Published: — · Last modified: —
3.0%EPSS · 30 days3.0%
2026-06-302026-07-17
Product
Microsoft / Win32k
Vulnerability
Microsoft Win32k Privilege Escalation Vulnerability
Added to KEV
May 23, 2022
Remediate by
Jun 13, 2022
Known ransomware use
No
Summary description
A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-8589
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2014-4113—99.7%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2016-7255—99.6%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2021-1732—99.5%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2019-1458—99.4%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2018-8120—99.4%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2018-8453—99.3%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—