What is CVE-2019-0627?

CVE-2019-0627 is a vulnerability in Microsoft Powershell Core. Published 2019-03-06.

Is CVE-2019-0627 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Powershell Core

CVE-2019-0627

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.

EPSS: 0.002 (46.4th percentile) — read the EPSS interpretation.

Affected products

Microsoft Powershell Core — versions 6.1, 6.2
Microsoft Windows — versions 10 for 32-bit Systems, 10 for x64-based Systems, 10 Version 1607 for 32-bit Systems
Microsoft Windows Server — versions 2016, 2016 (Core installation), version 1709 (Core Installation)

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627 (x_refsource_CONFIRM)
106857 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2019-0627?: CVE-2019-0627 is a vulnerability in Microsoft Powershell Core. Published 2019-03-06.
Is CVE-2019-0627 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.