Vulnerability identifier: #VU47622
Vulnerability risk: Low
Exploitation vector: Local
Exploit availability: No
This vulnerability allows a local user to bypass security rescritions feature.
The vulnerability exists due to a security feature bypass issue in the PowerShellGet V2 module. A local user can bypass WDAC (Windows Defender Application Control) policy and execute arbitrary code on a policy locked-down machine.
Install updates from vendor's website.
Vulnerable software versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?