CVE-2018-8217

Summary

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8221.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows Server 2016(Server Core installation)affected
MicrosoftWindows 1032-bit Systemsaffected
MicrosoftWindows 10Version 1607 for 32-bit Systemsaffected
MicrosoftWindows 10Version 1607 for x64-based Systemsaffected
MicrosoftWindows 10Version 1703 for 32-bit Systemsaffected
MicrosoftWindows 10Version 1703 for x64-based Systemsaffected
MicrosoftWindows 10x64-based Systemsaffected

Weaknesses

  • Security Feature Bypass

ADP Enrichment

CVE Program Container

Additional References

References