CVE-2018-8200Microsoft Windows 10 vulnerability

5 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
1.3%
top 20.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Windows 10Microsoft Windows 10 ServersMicrosoft Windows Server 2016
Timeline
PublishedAug 15
Latest updateMay 13

Description

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8204.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages5 packages

CVEListV5microsoft/windows_10_serversversion 1709 (Server Core Installation), version 1803 (Server Core Installation)+1
CVEListV5microsoft/windows_server_2016(Server Core installation)
NVDmicrosoft/windows1709, 1803+1
CVEListV5microsoft/windows_1010 versions+9
NVDmicrosoft/windows_104 versions+3

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-xm72-r4c7-v3v9: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session2022-05-13
CVEList
CVE-2018-8200: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session2018-08-15

💥Exploits & PoCs

1
Exploit-DB
Exim < 4.90.1 - 'base64d' Remote Code Execution2018-05-02

📋Vendor Advisories

1
Microsoft
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability2018-08-14
CVE-2018-8200 — Microsoft Windows 10 vulnerability | cvebase