Main Vulnerability Database Exploits ID:1346 - Exploit for Security restrictions bypass in Windows and Windows Server - CVE-2017-11823

ID:1346 - Exploit for Security restrictions bypass in Windows and Windows Server - CVE-2017-11823

Published: March 18, 2020

Vulnerability identifier: #VU8758

Vulnerability risk: Low

CVE-ID: CVE-2017-11823

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://www.exploit-db.com/exploits/42997/

Vulnerability description

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists Device Guard when PowerShell exposes functions and processes user supplied code. A local attacker can inject malicious code into a Windows PowerShell session and bypass the Device Guard Code Integrity policy.

Remediation

Install updates from vendor's website.

ID:1346 - Exploit for Security restrictions bypass in Windows and Windows Server - CVE-2017-11823

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human