PT-2018-2691 · Microsoft+1 · Powershell+1

Publicado

2018-12-16

Atualizado

2019-10-09

CVE-2018-6668

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions McAfee Application Control / Change Control version 7.0.1 and earlier

Description The issue is related to a whitelist bypass, which can lead to execution bypass. This can be achieved, for example, through simple DLLs and interpreters such as PowerShell. The vulnerability is associated with errors in the implementation of execution restriction policies, allowing an attacker to execute arbitrary commands using the command line.

Recommendations For McAfee Application Control / Change Control version 7.0.1 and earlier, consider restricting the use of interpreters like PowerShell to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-592

Identificadores relacionados

BDU:2019-01359

CVE-2018-6668

Produtos afetados

Mcafee Application/Change Control

Powershell

PT-2018-2691 · Microsoft+1 · Powershell+1

CVE-2018-6668

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7