Skip to main content

Powershell CVE-2020-0951

MEDIUM
2020-09-11 secure@microsoft.com
6.7
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 11, 2020 - 17:15 cve.org
MEDIUM 6.7

DescriptionCVE.org

<p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.</p> <p>To exploit the vulnerability, an attacker need administrator access on a local machine where PowerShell is running. The attacker could then connect to a PowerShell session and send commands to execute arbitrary code.</p> <p>The update addresses the vulnerability by correcting how PowerShell commands are validated when WDAC protection is enabled.</p>

AnalysisAI

<p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Technical ContextAI

<p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.</p> <p>To exploit the vulnerability, an attacker need administrator access on a local machine where PowerShell is running. The attacker could then connect to a PowerShell session and send commands to execute arbitrary code.</p> <p>The update addresses the vulnerability by correcting how PowerShell commands are validated when WDAC protection is enabled.</p> Affected products include: Microsoft Powershell, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-8327 CRITICAL
9.8 Jul 11

A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code

CVE-2022-41076 HIGH
8.5 Dec 13

PowerShell Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitab

CVE-2022-41121 HIGH
7.8 Dec 13

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l

CVE-2022-26788 HIGH
7.8 Apr 15

PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack comple

CVE-2025-30399 HIGH
7.5 Jun 13

CVE-2025-30399 is an untrusted search path vulnerability in .NET and Visual Studio that allows unauthenticated remote at

CVE-2023-21538 HIGH
7.5 Jan 10

.NET Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no aut

CVE-2022-23267 HIGH
7.5 May 10

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely e

CVE-2020-1108 HIGH
7.5 May 21

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Cor

CVE-2023-36013 MEDIUM
6.5 Nov 20

PowerShell Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploi

CVE-2020-8927 MEDIUM
6.5 Sep 15

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of

CVE-2022-24512 MEDIUM
6.3 Mar 09

.NET and Visual Studio Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remo

CVE-2022-34716 MEDIUM
5.9 Aug 09

.NET Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentica

Share

CVE-2020-0951 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy