PT-2018-1646 · Microsoft · Windows 10 Servers+4

Niels Ferguson

Publicado

2018-09-11

Atualizado

2019-10-03

CVE-2018-8435

CVSS v2.0

5.4

Média

Vetor

AV:N/AC:H/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions Windows Server 2016 Windows 10 Windows 10 Servers

Description A security feature bypass issue exists due to the Windows Hyper-V BIOS loader's failure to provide a high-entropy source. This allows a remote attacker to bypass built-in security restrictions.

Recommendations For Windows Server 2016, Windows 10, and Windows 10 Servers, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-331CWE-269

Identificadores relacionados

BDU:2018-01205

CVE-2018-8435

Produtos afetados

Windows

Windows 10

Windows 10 Servers

Windows Hyper-V

Windows Server 2016

PT-2018-1646 · Microsoft · Windows 10 Servers+4

CVE-2018-8435

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8