[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability - CVE-2018-8222

ID: oval:org.secpod.oval:def:46365Date: (C)2018-07-11   (M)2024-03-06
Class: VULNERABILITYFamily: windows




A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then inject malicious code into a script that is trusted by the Code Integrity policy. The injected code would then run with the same trust level as the script and bypass the Code Integrity policy. The update addresses the vulnerability by correcting how PowerShell exposes functions and processes user supplied code.

Platform:
Microsoft Windows Server
Microsoft Windows 10
Microsoft Windows Server 2016
Reference:
CVE-2018-8222
CVE    1
CVE-2018-8222
CPE    17
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_server_2016:::x64
cpe:/o:microsoft:windows_10:1607:::x64
cpe:/o:microsoft:windows_10:1607:::x86
...

© SecPod Technologies