PowerShell Script Modification Vulnerability in Microsoft Windows 10 and Server 2016
CVE-2017-0007

5.5MEDIUM

Key Information:

Vendor

Microsoft
Status
Device Guard
Vendor
CVE Published:
17 March 2017

What is CVE-2017-0007?

The PowerShell Security Feature Bypass vulnerability in Microsoft Windows 10 and Windows Server 2016 allows remote attackers to alter PowerShell scripts while preserving their associated signatures. This could grant unauthorized execution of malicious scripts, potentially compromising system security and integrity. The flaw affects multiple versions of Windows and underscores the necessity for robust security policies and practices.

Affected Version(s)

Device Guard Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016

References

https://enigma0x3.net/2017/04/03/defeating-device-guard-a...
x_refsource_MISC
http://www.securityfocus.com/bid/96018
vdb-entryx_refsource_BID
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.