CVE-2019-1167

5 documents5 sources

Severity

4.1MEDIUM

EPSS

0.4%

top 38.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Powershell Core

Timeline

PublishedJul 19

Description

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.5 | Impact: 3.6

Affected Packages3 packages

▶NuGetSystem.Management.Automation6.2.0 — 6.2.2+1

▶CVEListV5microsoft/powershell_core6.1, 6.2+1

▶NVDmicrosoft/powershell_core6.1, 6.2+1

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

CVEList

CVE-2019-1167: A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement↗2019-07-19

▶

OSV

System.Management.Automation subject to bypass via script debugging↗2019-07-17

▶

GHSA

System.Management.Automation subject to bypass via script debugging↗2019-07-17

▶

📋Vendor Advisories

Microsoft

Windows Defender Application Control Security Feature Bypass Vulnerability↗2019-07-09

▶