| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2018-8540 | .NET Framework Remote Code Injection Vulnerability | Microsoft .NET Framework | Critical | 12-12-2018 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could take control of an affected system.
Detailed Information on the risk:
To exploit the vulnerability, an attacker would need to pass specific input to an application utilizing susceptible .Net methods.
Further information on this exploit is available at : CVE-2018-8540
Affected Software
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.7.2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1