HTTP: Windows CVE-2018-0877 Desktop Bridge VFS Elevation Of Privilege
This signature detects an attempt to exploit a Windows Desktop Bridge VFS Elevation of Privilege. Successful exploitation could lead to remote code execution
Extended Description
The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how file paths are managed, aka "Windows Desktop Bridge VFS Elevation of Privilege Vulnerability".
Affected Products
Microsoft windows_server_2016
References
CVE: CVE-2018-0877
Short Name
HTTP:STC:DL:CVE-2018-0877-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Bridge CVE-2018-0877 Desktop Elevation Of Privilege VFS Windows
Release Date
03/13/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.2