BID:104649

Microsoft Windows PowerShell CVE-2018-8327 Remote Code Execution Vulnerability

CVE-2018-8327 |

Info

Microsoft Windows PowerShell CVE-2018-8327 Remote Code Execution Vulnerability

Bugtraq ID:	104649
Class:	Unknown
CVE:	CVE-2018-8327
Remote:	Yes
Local:	No
Published:	Jul 10 2018 12:00AM
Updated:	Jul 10 2018 12:00AM
Credit:	Ryan Cumbee (Casaba Security, LLC) & Cory Carson (Casaba Security, LLC) under contract for Microsoft at the time.
Vulnerable:	Microsoft PowerShell Extension for Visual Studio Code 0 Microsoft PowerShell Editor Services 0

Not Vulnerable:

Discussion

Microsoft Windows PowerShell CVE-2018-8327 Remote Code Execution Vulnerability

Microsoft Windows PowerShell is prone to a remote code-execution vulnerability.

Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected process. Failed exploit attempts will likely result in denial-of-service conditions.

Exploit / POC

Microsoft Windows PowerShell CVE-2018-8327 Remote Code Execution Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Microsoft Windows PowerShell CVE-2018-8327 Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

Microsoft Windows PowerShell CVE-2018-8327 Remote Code Execution Vulnerability

References:

Microsoft Windows Homepage (Microsoft)
CVE-2018-8327 | PowerShell Editor Services Remote Code Execution Vulnerability (Microsoft)