Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-0966Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft Windows 10

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition7 documents6 sources
Severity
3.3LOWNVD
EPSS
0.6%
top 30.35%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Microsoft Windows 10Microsoft Windows 10 ServersMicrosoft Windows Server 2016
Timeline
PublishedApr 12
Latest updateMay 13

Description

A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages5 packages

CVEListV5microsoft/windows_10_serversversion 1709 (Server Core Installation)
CVEListV5microsoft/windows_server_2016(Server Core installation)
CVEListV5microsoft/windows_1010 versions+9
NVDmicrosoft/windows_104 versions+3

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-56gg-2ff9-p4jp: A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability2022-05-13
CVEList
CVE-2018-0966: A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability2018-04-12

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows - 'CiSetFileCache' TOCTOU Incomplete Fix2018-04-16

📋Vendor Advisories

1
Microsoft
Device Guard Security Feature Bypass Vulnerability2018-04-10

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - April 20182018-04-10
Talos
Microsoft Patch Tuesday - April 20182018-04-10
CVE-2018-0966 — Microsoft Windows 10 vulnerability | cvebase