New Search

CNG Security Feature Bypass Vulnerability - CVE-2018-0902

oval:org.cisecurity:def:4709

The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold 1511 1607 1703 and 1709. Windows Server 2016 and Windows Server version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces impersonation levels aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from CVE-2018-0884.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 10
  • Microsoft Windows Server 2016
Class:
vulnerability
Reference(s):
  • CVE-2018-0902
Product(s):