CISA Known Exploited Vulnerability

CVE-2018-8405 Ransomware

Microsoft · DirectX Graphics Kernel (DXGKRNL)

Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability

Date added 2022-03-28

BOD 22-01 due date 2022-04-18

CWE CWE-404

Ransomware Known

CISA description

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.

Apply updates per vendor instructions.

Vulnerability data triggers these controls during assessment and continuous monitoring.