CVE-2017-0007
MEDIUMMicrosoft Windows 10/Server 2016 Device Guard PowerShell Security Feature Bypass
Title source: llmDescription
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."
References (4)
Core 4
Core References
Various Sources x_refsource_misc
https://enigma0x3.net/2017/04/03/defeating-device-guard-a-look-into-cve-2017-0007/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96018
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0007
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038001
Scores
CVSS v3
5.5
EPSS
0.0121
EPSS Percentile
79.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (5)
microsoft/windows_10
microsoft/windows_10
1511
microsoft/windows_10
1607
microsoft/windows_server_2016
Microsoft Corporation/Device Guard
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016
Published
Mar 17, 2017
Tracked Since
Feb 18, 2026