PT-2018-2077 · Microsoft · Windows 10 Servers+6

Bohops

Published

2018-10-09

Updated

2019-10-03

CVE-2018-8492

CVSS v3.1

5.3

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Windows Server 2016 Windows 10 Windows Server 2019 Windows 10 Servers

Description The issue is related to a security feature bypass in the Device Guard component of the Windows operating system, which is caused by errors in security settings. This could allow a local attacker to inject arbitrary code into a Windows PowerShell session.

Recommendations For Windows Server 2016, update the Device Guard settings to prevent code injection. For Windows 10, apply the necessary security patches to fix the bypass vulnerability. For Windows Server 2019, modify the code integrity policy to prevent malicious code injection. For Windows 10 Servers, restrict access to the Windows PowerShell session until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-254

Related Identifiers

BDU:2019-00027

CVE-2018-8492

Affected Products

Device Guard

Windows

Windows 10

Windows 10 Servers

Windows Powershell

Windows Server 2016

Windows Server 2019

PT-2018-2077 · Microsoft · Windows 10 Servers+6

CVE-2018-8492

Weakness Enumeration

Related Identifiers

Affected Products

References · 8