Skip to main contentSummary
When configuring a boot image for preboot execution environment (PXE) booting in SCCM, there exists a setting to “Enable command support (testing only).” This setting allows any user that PXE boots into the WinPE environment to press F8 to launch a command prompt, thus enabling more control over the WinPE deployment. This can be abused by attackers attempting to PXE boot from the network.
As the setting text implies, this setting should only be used for testing and debugging the boot image. It should be disabled before the boot image is used in production.
Linked Defensive IDs
Associated Offensive IDs
References
