Описание
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
A hypervisor-protected code integrity (HVCI) security feature bypass vulnerability could exist when Windows incorrectly allows certain kernel-mode pages to be marked as Read, Write, Execute (RWX) even with HVCI enabled. To exploit this vulnerability an attacker could run a specially crafted script at administrator level that exploits a signed driver to bypass code integrity protections in Windows.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2022 | ||
| Windows Server 2022 (Server Core installation) | ||
| Windows 11 version 21H2 for x64-based Systems | ||
| Windows 11 version 21H2 for ARM64-based Systems | ||
| Windows 10 Version 21H2 for 32-bit Systems | ||
| Windows 10 Version 21H2 for ARM64-based Systems | ||
| Windows 10 Version 21H2 for x64-based Systems | ||
| Windows 11 Version 22H2 for ARM64-based Systems | ||
| Windows 11 Version 22H2 for x64-based Systems | ||
| Windows 10 Version 22H2 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
7.8 High
CVSS3
Связанные уязвимости
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Уязвимость функции защиты целостности кода гипервизором Hypervisor-protected Code Integrity (HVCI) операционной системы Windows, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
7.8 High
CVSS3