CVE-2019-1167: High severity vulnerability that affects System.Management.Automation

July 17, 2019 (updated September 1, 2021)

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka ‘Windows Defender Application Control Security Feature Bypass Vulnerability’.

References

github.com/PowerShell/PowerShell/security/advisories/GHSA-5frh-8cmj-gc59
github.com/advisories/GHSA-5frh-8cmj-gc59
nvd.nist.gov/vuln/detail/CVE-2019-1167

Detect and mitigate CVE-2019-1167 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →