Remote Code Execution Vulnerability in Microsoft PowerShell and Windows Products
CVE-2018-8256

8.8HIGH

Key Information:

Vendor
Microsoft
Status
Windows 7
Microsoft.powershell.archive
Windows 10 Servers
Windows Server 2012 R2
Vendor
CVE Published:
14 November 2018

Summary

A vulnerability in Microsoft PowerShell allows for remote code execution when the software improperly processes specially crafted files. This flaw affects multiple versions of Windows and PowerShell, enabling attackers to execute arbitrary code on affected systems, potentially leading to a complete system compromise. Users are advised to apply security updates and follow recommended practices to mitigate risks.

Affected Version(s)

Microsoft.PowerShell.Archive 1.2.2.0

PowerShell Core 6.0

PowerShell Core 6.1

References

http://www.securitytracker.com/id/1042108
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/105781
vdb-entryx_refsource_BID

EPSS Score

68% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.