CCE-97098-8Platform: cpe:/o:microsoft:windows_11 | Date: (C)2022-05-07 (M)2023-07-04 |
This policy setting enables or disables networking in the sandbox. You can disable network access to decrease the attack surface exposed by the sandbox.
If you enable this policy setting, networking is done by creating a virtual switch on the host, and connects the Windows Sandbox to it via a virtual NIC.
If you disable this policy setting, networking is disabled in Windows Sandbox.
If you do not configure this policy setting, networking will be enabled.
Note that enabling networking can expose untrusted applications to the internal network.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows SandboxAllow networking in Windows Sandbox
(2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsSandbox!AllowNetworking
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Sandbox\Allow networking in Windows Sandbox
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Sandbox!AllowNetworking
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.0 | Attack Vector: LOCAL |
Exploit Score: 1.0 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:79837 |