<< Back
CVE Number Vulnerability Product Severity Date
CVE-2018-8540 .NET Framework Remote Code Injection Vulnerability Microsoft .NET Framework Critical 12-12-2018

Technical Information

Brief overview of the risk:
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could take control of an affected system.

Detailed Information on the risk:
To exploit the vulnerability, an attacker would need to pass specific input to an application utilizing susceptible .Net methods.

Further information on this exploit is available at : CVE-2018-8540

Affected Software

Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.7.2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1