Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-8565: Windows PowerShell Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Microsoft CVE-2017-8565: Windows PowerShell Remote Code Execution Vulnerability

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
07/11/2017
Created
07/25/2018
Added
07/11/2017
Modified
11/18/2021

Description

A remote code execution vulnerability exists in PowerShell when PSObject wraps a CIM Instance. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system. In an attack scenario, an attacker could execute malicious code in a PowerShell remote session. The update addresses the vulnerability by correcting how PowerShell deserializes user supplied scripts.

Solution(s)

  • msft-kb4025333-2884a1b4-f534-42b7-b4e9-6b07e48912f2
  • msft-kb4025333-9787a4fc-d69c-4bf5-92bf-7ee510368696
  • msft-kb4025333-a8091733-a526-4480-afe7-72a1b3385439
  • msft-kb4025337-27fce932-7817-4fdb-965f-19eb36d78839
  • msft-kb4025337-6c36dd1f-0240-48fa-9696-3fcf17a57a62
  • msft-kb4025337-794feee1-ea78-4c11-a683-a91335abb0e3
  • msft-kb4025337-856a0bc5-b356-4282-a54e-9cf87b548303
  • msft-kb4025337-85fadee5-ed6f-4a22-964a-9b2991c4cff1
  • msft-kb4025337-c15b95d8-875f-4922-9460-08ece3c9b584
  • msft-kb4025338-56ce2a02-e893-484d-8005-0fc74468cc84
  • msft-kb4025338-db3c2241-b6c1-4a6d-83b4-93b1ce46434b
  • msft-kb4025339-84c1a786-79d4-4d94-9a75-fc900083816f
  • msft-kb4025339-a44d500f-fc5d-4fe4-90cb-991568e9cb58
  • msft-kb4025339-d6677d54-ce7a-4774-a696-84de34eff033
  • msft-kb4025342-25acae93-40d4-4e62-814c-efb2f29f1bca
  • msft-kb4025342-682dbdab-6814-494b-84d5-8fb43c070c35
  • msft-kb4025343-3a348a0c-2982-4ee6-b51b-6e4644a6c888
  • msft-kb4025343-733ef1e8-2bb5-4f7e-ae77-70a3fd4f05c6
  • msft-kb4025343-878d370a-a48a-4f91-b0fc-a0dfd69e30ab
  • msft-kb4025344-747ff6a4-ff7b-4405-af04-2a85d1a6f6ad
  • msft-kb4025344-b43ab510-8532-4035-a512-0bdf731245e9
  • msft-kb4025872-74306eea-4085-4815-b1d2-4088f526daac
  • msft-kb4025872-b5aae6b1-4f8b-4540-9547-7ae1689bc18e

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;