PT-2013-4726 · Microsoft · Hyper-V+1
Felix Wilhelm
·
Published
2013-11-13
·
Updated
2018-10-12
·
CVE-2013-3898
CVSS v2.0
7.9
High
| Vector | AV:A/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows versions 8 and Server 2012
Description
The issue allows guest OS users to execute arbitrary code in all guest OS instances and cause a denial of service (host OS crash) via a guest-to-host hypercall with a crafted function parameter.
Recommendations
For Microsoft Windows versions 8 and Server 2012, ensure that Hyper-V is properly configured and consider restricting hypercall functionality until a fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hyper-V
Windows