CVE-2017-11830 Information

Description

Device Guard in Windows 10 Gold 1511 1607 1703 and 1709 Windows Server 2016 and Windows Server version 1709 allows an attacker to make an unsigned file appear to be signed due to a security feature bypass aka \Device Guard Security Feature Bypass Vulnerability.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Reference

http://www.securityfocus.com/bid/101714 http://www.securitytracker.com/id/1039790 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11830 https://www.exploit-db.com/exploits/43162/

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

5.3