Powershell Core
CVE-2019-0632
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.
AnalysisAI
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Technical ContextAI
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631. Affected products include: Microsoft Powershell Core, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Powershell Core
View allA remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft
.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitabl
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win
A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft Pow
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remot
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Cor
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Servic
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. R
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today