CVE-2019-0573

EPSS 20.1%

Vexday Risk Score

28Low

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS —EPSS 20.1%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

08 Jan 2019Published on NVD

14 Jan 2019Public PoC

Recommendation: Plan a near-term fix — a public PoC already exists.

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0571, CVE-2019-0572, CVE-2019-0574.

Affected products

Microsoft · Windows 10 Microsoft · Windows 10 Servers Microsoft · Windows Server 2016 Microsoft · Windows Server 2019

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/46158/unverified exploitdbwww.exploit-db.com/exploits/46158unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0573 https://www.exploit-db.com/exploits/46158/http://www.securityfocus.com/bid/106430