COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2008-4250

CVE-2008-4250

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-05-20
Reference
https://nvd.nist.gov/vuln/detail/CVE-2008-4250
⚡ RCE ⌖ exploited in the wild shame 45/100 rceexploited-in-wildunpatched

Microsoft Windows Server Service buffer overflow vulnerability (CVE-2008-4250) enabled remote code execution via crafted RPC requests.

This 2008 vulnerability allowed remote attackers to execute arbitrary code through a crafted RPC request targeting path canonicalization in the Windows Server Service. As a KEV entry actively exploited in the wild, it represents a critical supply-chain risk for DIB organizations relying on Windows infrastructure, requiring immediate patching and network segmentation to prevent unauthorized access.

Shame score — While the vulnerability was actively exploited, it was disclosed and patched relatively quickly compared to some other high-profile failures.

Players implicated

Microsoft · vendorwindows · product

Description

Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.

Affected FedRAMP products 4 in the catalog

ProductProviderStatusMatch
Azure Commercial Cloud Microsoft Authorized vendor-exact · 0.90
Azure Government (includes Dynamics 365) Microsoft Authorized vendor-exact · 0.90
Microsoft Office 365 GCC High Microsoft In Process vendor-exact · 0.90
Office 365 Multi-Tenant & Supporting Services Microsoft Authorized vendor-exact · 0.90