CVE-2017-0007 — Improper Input Validation in Corporation Device Guard

CWE-20 — Improper Input Validation6 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

1.2%

top 20.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Device Guard Microsoft Windows 10 Msrc Windows 10 FOR 32-bit Systems +6 more

Timeline

PublishedMar 17

Latest updateMay 17

Description

Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages9 packages

▶msrcmsrc/windows_server_2016

▶NVDmicrosoft/windows_101511, 1607+1

▶CVEListV5microsoft_corporation/device_guardDevice Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016

▶msrcmsrc/windows_10_version_1511_for_32-bit_systems

▶msrcmsrc/windows_10_version_1607_for_32-bit_systems

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-g66p-2m7v-98p3: Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidatin↗2022-05-17

▶

Kernel

bpf: fix incorrect tracking of register size truncation↗2017-12-18

▶

📋Vendor Advisories

Microsoft

Device Guard Security Feature Bypass Vulnerability↗2017-03-14

▶

💬Community

Bugzilla

CVE-2017-2641 CVE-2017-2643 CVE-2017-2644 CVE-2017-2645 moodle: Multiple security vulnerabilities↗2017-03-22

▶