CVE-2018-8991

Name: CVE-2018-8991
Creator: NVD / NIST
Published: 2018-03-25T03:29:00.727+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.41%

Last modified Jun 17, 2026

CVE-2018-8991 is a vulnerability of currently unknown severity. In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002009.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.

Description

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002009.

Metrics

EPSS Probability

0.41%

33.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Windows Optimization Master Project	Windows Optimization Master	7.99.13.604

References

https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002009Exploit, Third Party Advisory
https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002009Exploit, Third Party Advisory

Timeline

Published: Mar 25, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-8991?

How severe is CVE-2018-8991?

Severity scoring for CVE-2018-8991 is pending analysis. The EPSS model estimates a 0.41% probability of exploitation in the next 30 days.

How do I fix CVE-2018-8991?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-8991?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST