[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

123775

 
 

909

 
 

102573

 
 

150

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-0966Date: (C)2018-04-12   (M)2018-11-15


A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 3.3CVSS Score : 2.1
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 1.4Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: NONEAvailability: NONE
Integrity: LOW 
Availability: NONE 
  
Reference:
BID-103622
SECTRACK-1040660
EXPLOIT-DB-44466
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0966

CPE    5
cpe:/o:microsoft:windows_10:1511
cpe:/o:microsoft:windows_server_2016:-
cpe:/o:microsoft:windows_10:1607
cpe:/o:microsoft:windows_10:1703
...
CWE    1
CWE-254
OVAL    6
oval:org.secpod.oval:def:45006
oval:org.secpod.oval:def:45004
oval:org.secpod.oval:def:45000
oval:org.secpod.oval:def:45001
...

© SecPod Technologies