CVE-2019-1405
CVE-2019-1405
In short
The Windows UPnP service incorrectly allows creation of COM objects, letting an attacker with local access gain higher privileges on the system. This is dangerous because it bypasses normal security protections.
Technical detail
A privilege escalation vulnerability in the Windows UPnP service stemming from improper COM object instantiation control (CWE-269). An authenticated local attacker can leverage this to execute arbitrary code with elevated privileges by instantiating privileged COM objects, bypassing privilege boundary enforcement.
Summary generated and translated by AI from the official description.
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Microsoft · WindowsMicrosoft · Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Windows 10 Version 1903 for x64-based SystemsMicrosoft · Windows ServerMicrosoft · Windows Server, version 1903 (Server Core installation)public PoCs found — 4
githubgithub.com/apt69/COMahawk★ 349cve_referencepacketstormsecurity.com/files/155723/Microsoft-UPnP-Local-Privilege-Elevation.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47805unverifiedexploitdbwww.exploit-db.com/exploits/47684unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →