CVE-2018-8201Microsoft Windows 10 vulnerability

4 documents4 sources
Severity
4.5MEDIUMNVD
EPSS
0.5%
top 32.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Windows 10Microsoft Windows 10 ServersMicrosoft Windows Server 2016
Timeline
PublishedJun 14
Latest updateMay 13

Description

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217, CVE-2018-8221.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.0 | Impact: 3.4

Affected Packages5 packages

CVEListV5microsoft/windows_10_serversversion 1709 (Server Core Installation), version 1803 (Server Core Installation)+1
CVEListV5microsoft/windows_server_2016(Server Core installation)
NVDmicrosoft/windows1709, 1803+1
CVEListV5microsoft/windows_1010 versions+9
NVDmicrosoft/windows_104 versions+3

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-6jm6-86xp-xf35: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session2022-05-13
CVEList
CVE-2018-8201: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session2018-06-14

📋Vendor Advisories

1
Microsoft
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability2018-06-12
CVE-2018-8201 — Microsoft Windows 10 vulnerability | cvebase