Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-8256: Microsoft PowerShell Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Microsoft CVE-2018-8256: Microsoft PowerShell Remote Code Execution Vulnerability

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
11/13/2018
Created
03/19/2019
Added
11/13/2018
Modified
07/14/2023

Description

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system. The security update fixes the vulnerability by ensuring PowerShell properly handles files.

Solution(s)

  • msft-kb4467106-339c91f5-6d1d-4a41-909b-af57c1ac99a3
  • msft-kb4467106-77ada8e4-99c2-40c7-8867-e59607dc0342
  • msft-kb4467106-a62b9202-94f2-490b-a7d0-bdd73289f256
  • msft-kb4467106-aec57e1b-7d44-4547-9e12-cb875413faf2
  • msft-kb4467106-bab904d4-da6f-47a1-adeb-386a94e86000
  • msft-kb4467106-cef2f089-c315-4edb-bb16-a3ace65d86d4
  • msft-kb4467678-11014fbd-a577-4e68-99a5-1dd1ce3d6b5a
  • msft-kb4467678-1db3b379-c517-4511-9094-3e1c44cc7c1c
  • msft-kb4467678-f598871e-153b-4d69-8932-89d58e2ff38d
  • msft-kb4467680-0a666e10-bb64-4f37-8b7e-20f2b3eb235c
  • msft-kb4467680-6988d33c-8082-49f9-8e2a-f8ad8c4df1e1
  • msft-kb4467686-3c057c49-c094-4d39-9dba-7321ae3c1037
  • msft-kb4467686-83ea38af-2fcf-4204-b548-19f1c8e94dd7
  • msft-kb4467686-d0febc2d-2eef-41b1-8ed2-de28090864b2
  • msft-kb4467691-6c9fe01b-dae1-44fb-9770-61dfd0d958ce
  • msft-kb4467691-6cdb3985-d0f5-45c1-b02d-1c0d0a7a6331
  • msft-kb4467691-9851d749-ef79-4cb8-aedb-b2182030e778
  • msft-kb4467696-7d40ea9a-7aa3-4099-997a-dcbde6f09c3f
  • msft-kb4467696-ae52ed53-9c56-4ba0-9bf0-1a1a653de2dd
  • msft-kb4467702-2762e5c6-d255-422b-8d7b-75eecbed3f1b
  • msft-kb4467702-46021965-6b4b-40a5-9546-c4509d8a3b67
  • msft-kb4467702-6de3d9f1-4361-42ee-b29b-baddef3e7699
  • msft-kb4467703-579a9a1e-0b54-4f92-a48b-2086de3e44c5
  • msft-kb4467703-b9d9c93f-8b29-4d1c-8a54-395b4e31ccc9
  • msft-kb4467703-e4835420-ee77-4a03-95c2-6c626ee5f246
  • msft-kb4467708-2687c501-87f3-4790-9046-b67fdce9360c
  • msft-kb4467708-336f82a4-3bf6-458a-bc77-0f367969249f
  • msft-kb4467708-b1aca295-4d89-458e-b3ae-7f828f1cfb30

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;