English
EN
Français
FR
Language
English
EN
Français
FR

CVE Vulnerabilities

Posts & Pages

No results found for ""

Try different keywords or check spelling

Search in CVE database, posts & pages • Press ESC to close

DNA View

⚠️ CISA Known Exploited Vulnerability

Active Threat

This vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Active exploitation has been observed in the wild. This poses significant risk to federal enterprises and should be prioritized for immediate patching.

View CISA KEV Catalog

CVE-2018-8406

High CISA KEV
Low Medium High Critical
7.8
CVSS Score
Published: Aug 15, 2018
Last Modified: Oct 28, 2025

Vulnerability Description

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8405.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
L
Attack Complexity
L
Privileges Required
L
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H

Known Affected Software

8 configuration(s) from 1 vendor(s)

windows_10_1607
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*
windows_server_1803
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*
windows_server_2016
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
windows_10_1703
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*
windows_server_1709
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_server_1709:-:*:*:*:*:*:*:*
windows_10_1507
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*
windows_10_1709
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*
windows_10_1803
Version:
-
CPE:
cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*
This vulnerability affects 8 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

7.8
out of 10.0
High

CISA KEV Status

Active Exploitation

Listed in CISA's Known Exploited Vulnerabilities catalog

View on CISA KEV

Key Information

Published Date
August 15, 2018

External Resources

NIST
NIST NVD
National Vulnerability Database
CD
CVE Details
Detailed vulnerability info
MT
MITRE CVE
Official CVE record