#VU15872 Security restrictions bypass in Windows and Windows Server
Vulnerability identifier: #VU15872
Vulnerability risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Windows
Operating systems & Components /
Operating system
Windows Server
Operating systems & Components /
Operating system
Vendor: Microsoft
Description
The vulnerability allows a physical attacker to bypass security restrictions on the target system.
The weakness exists due to an error when Microsoft JScript manages COM object creation. A physical attacker can run a specially crafted application to bypass security restrictions and create arbitrary COM objects.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Windows: 10 - 10 1809
Windows Server: 2016 - 2019 1803
External links
http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8417
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
