CVE-2018-0827

5.3MEDIUM

Key Information:

Vendor: Microsoft
Status: Windows Scripting Host
Vendor: CVE Published:; 15 February 2018

Summary

Windows Scripting Host (WSH) in Windows 10 versions 1703 and 1709 and Windows Server, version 1709 allows a Device Guard security feature bypass vulnerability due to the way objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability".

Affected Version(s)

Windows Scripting Host Windows 10 versions 1703 and 1709 and Windows Server, version 1709

References

http://www.securityfocus.com/bid/102927

vdb-entryx_refsource_BID

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1040373

vdb-entryx_refsource_SECTRACK

EPSS Score

1% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
Dec 1, 2017

Collectors

NVD DatabaseMitre Database

.