CVE-2019-1388

CVSS 7.8 HIGH | EPSS 8.6% | KEV | CWE-269

In short

A flaw in Windows' certificate dialog allows unprivileged users to gain elevated (admin) privileges by exploiting improper permission checks. An attacker can abuse the dialog to run commands with higher privileges than their account allows.

Technical detail

Improper privilege management (CWE-269): the Windows Certificate Dialog fails to enforce privilege restrictions. An attacker with standard user privileges can interact with the certificate dialog component to escalate to administrator-level execution; exploitation requires local access and user interaction with the vulnerable dialog.

Summary generated and translated by AI from the official description.
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H