CVE-2018-8174: Microsoft Windows VBScript Engine Out-of-Bounds Write
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability. A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
- CISA KEV-listed (remediation due 2022-08-15)
- used in ransomware campaigns
- EPSS 94.3% (99.9% percentile)