Vulnerability Name: CVE-2018-8201 (CCN-143997) Assigned: 2018-06-12 Published: 2018-06-12 Updated: 2019-10-03 Summary: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8211 , CVE-2018-8212 , CVE-2018-8215 , CVE-2018-8216 , CVE-2018-8217 , CVE-2018-8221 . CVSS v3 Severity: 4.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 3.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): HighPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
4.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 3.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): HighPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
3.5 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): HighAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-noinfo Vulnerability Consequences: Bypass Security References: Source: MITRECVE-2018-8201 104331 Microsoft Windows Device Guard CVE-2018-8201 Local Security Bypass Vulnerability 1041098 ms-device-cve20188201-sec-bypass(143997) Device Guard Code Integrity Policy Security Feature Bypass Vulnerability https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8201 Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_10:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1607:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1703:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1709:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1803:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_1709:-:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_1803:-:*:*:*:*:*:x64:* Configuration CCN 1 :cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server:1709:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server:1803:*:*:*:*:*:*:* BACK
microsoft windows 10 -
microsoft windows 10 1607
microsoft windows 10 1703
microsoft windows 10 1709
microsoft windows 10 1803
microsoft windows server 2016 -
microsoft windows server 2016 1709
microsoft windows server 2016 1803
microsoft windows 10 -
microsoft windows 10 -
microsoft windows server 2016
microsoft windows server 1709
microsoft windows server 1803
Denotes that component is vulnerable