5.3

CVE-2017-11830

Exploit
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows 10 Version-
MicrosoftWindows 10 Version1511
MicrosoftWindows 10 Version1607
MicrosoftWindows 10 Version1703
MicrosoftWindows 10 Version1709
MicrosoftWindows Server Version1709
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.57% 0.831
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 1.8 3.4
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

http://www.securityfocus.com/bid/101714
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039790
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11830
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/43162/
Third Party Advisory
Exploit
VDB Entry
Technical Description