CVE-2018-8222 — Microsoft Windows 10 vulnerability

4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.5%

top 32.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 10 Microsoft Windows 10 Servers Microsoft Windows Server 2016

Timeline

PublishedJul 11

Latest updateMay 13

Description

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages5 packages

▶CVEListV5microsoft/windows_10_serversversion 1709 (Server Core Installation), version 1803 (Server Core Installation)+1

▶CVEListV5microsoft/windows_server_2016(Server Core installation)

▶NVDmicrosoft/windows1709, 1803+1

▶CVEListV5microsoft/windows_1010 versions+9

▶NVDmicrosoft/windows_104 versions+3

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-qwmm-m2vp-9mfp: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session↗2022-05-13

▶

CVEList

CVE-2018-8222: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session↗2018-07-11

▶

📋Vendor Advisories

Microsoft

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability↗2018-07-10

▶