CVE-2018-8221 | Vulnerability Database | Aqua Security

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka Device Guard Code Integrity Policy Security Feature Bypass Vulnerability. This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217.

Affected Software

Name	Vendor	Start Version	End Version
Windows_10	Microsoft	- (including)	- (including)
Windows_10	Microsoft	1607 (including)	1607 (including)
Windows_10	Microsoft	1703 (including)	1703 (including)
Windows_10	Microsoft	1709 (including)	1709 (including)
Windows_10	Microsoft	1803 (including)	1803 (including)
Windows_server_2016	Microsoft	- (including)	- (including)
Windows_server_2016	Microsoft	1709 (including)	1709 (including)
Windows_server_2016	Microsoft	1803 (including)	1803 (including)

References

http://www.securityfocus.com/bid/104338
http://www.securitytracker.com/id/1041098
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8221

NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-8221
CWE	https://cwe.mitre.org/data/definitions/.html