CVE-2017-8715
published 2017-10-13CVE-2017-8715: The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles…
PriorityP424medium5.3CVSS 3.0
AVLACLPRLUINSUCLILAL
EPSS
1.66%
73.7th percentile
The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass".
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft_corporation | device_guard | — | — |
| msrc | windows_10_for_32-bit_systems | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | windows_10_version_1703_for_32-bit_systems | — | — |
| msrc | windows_10_version_1703_for_x64-based_systems | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_msrc5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-74pw-q437-p53q: The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it
ghsa_unreviewed·2022-05-13
CVE-2017-8715 [MEDIUM] GHSA-74pw-q437-p53q: The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it
The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass".
Microsoft
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
vendor_msrc·2017-10-10·CVSS 5.3
CVE-2017-8715 [MEDIUM] Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
To exploit the vulnerability, an attacker would first have to access the local machine, and then inject malicious code into a script that is trusted by the Code Integrity policy. The injected code would then run with the same trust level as the script and bypass the Code Integrity policy.
The update addresses the vulnerability by correcting how PowerShell exposes functions and
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/101163http://www.securitytracker.com/id/1039526https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8715http://www.securityfocus.com/bid/101163http://www.securitytracker.com/id/1039526https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8715
2017-10-13
Published