Описание
Windows Defender Application Control Security Feature Bypass Vulnerability
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security feature locally.
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
An attacker who successfully exploits this vulnerability could bypass Windows Defender Application Control (WDAC) enforcement. This could lead to the ability to run unauthorized applications on target systems.
How could an attacker exploit this vulnerability?
An attacker could exploit this vulnerability by launching any executable that is allowed to launch by a per process rule. Once that executable is validly launched by the correct process, any restrictions on the executable are lifted; and it can be executed outside of the correct process. This bypasses the application control policy entirely
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | ||
| Windows 10 Version 1809 for x64-based Systems | ||
| Windows Server 2019 | ||
| Windows Server 2019 (Server Core installation) | ||
| Windows Server 2022 | ||
| Windows Server 2022 (Server Core installation) | ||
| Windows 10 Version 21H2 for 32-bit Systems | ||
| Windows 10 Version 21H2 for ARM64-based Systems | ||
| Windows 10 Version 21H2 for x64-based Systems | ||
| Windows 11 Version 22H2 for ARM64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
8.4 High
CVSS3
Связанные уязвимости
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security feature locally.
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security feature locally.
Уязвимость технологии Windows Defender Application Control (WDAC) операционных систем Windows, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
8.4 High
CVSS3