CVE-2017-0007

EPSS 11.3%

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 11.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

17 Mar 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."

Affected products

Microsoft Corporation · Device Guard

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://enigma0x3.net/2017/04/03/defeating-device-guard-a-look-into-cve-2017-0007/https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0007 http://www.securityfocus.com/bid/96018 http://www.securitytracker.com/id/1038001