CVE-2019-1167

4.1MEDIUM

Key Information:

Vendor: Microsoft
Status: Powershell Core
Vendor: CVE Published:; 19 July 2019

Summary

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.

Affected Version(s)

PowerShell Core 6.1

PowerShell Core 6.2

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2019
Vulnerability Reserved
Nov 26, 2018

Collectors

NVD DatabaseMitre Database