Vulnerability Details : CVE-2017-11830
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability".
Products affected by CVE-2017-11830
- cpe:2.3:o:microsoft:windows_server:1709:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-11830
76.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-11830
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.8
|
3.4
|
NIST |
CWE ids for CVE-2017-11830
-
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-11830
-
http://www.securitytracker.com/id/1039790
Microsoft Windows Device Guard File Signature Validation Flaw Lets Remote Users Bypass Security Restrictions on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
https://www.exploit-db.com/exploits/43162/
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature BypassExploit;Technical Description;Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/101714
Microsoft Windows Device Guard CVE-2017-11830 Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11830
CVE-2017-11830 | Device Guard Security Feature Bypass VulnerabilityPatch;Vendor Advisory
Jump to