CVE-2018-8492Microsoft Windows 10 vulnerability

4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.8%
top 25.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Microsoft Windows 10Microsoft Windows 10 ServersMicrosoft Windows Server 2016+1 more
Timeline
PublishedOct 10
Latest updateMay 13

Description

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages6 packages

CVEListV5microsoft/windows_10_serversversion 1709 (Server Core Installation), version 1803 (Server Core Installation)+1
CVEListV5microsoft/windows_server_2016(Server Core installation)
CVEListV5microsoft/windows_server_2019(Server Core installation)
NVDmicrosoft/windows1709, 1803+1
CVEListV5microsoft/windows_1010 versions+9

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-v35q-rg96-5gx6: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session2022-05-13
CVEList
CVE-2018-8492: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session2018-10-10

📋Vendor Advisories

1
Microsoft
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability2018-10-09
CVE-2018-8492 — Microsoft Windows 10 vulnerability | cvebase