CVE-2019-1175
Windows Elevation of Privilege Vulnerability
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
14 ago 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability by ensuring the psmsrv.dll properly handles objects in memory.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Productos afectados
Microsoft · Windows 10 Version 1709Microsoft · Windows 10 Version 1709 for 32-bit SystemsMicrosoft · Windows 10 Version 1803Microsoft · Windows 10 Version 1809Microsoft · Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Windows 10 Version 1903 for x64-based SystemsMicrosoft · Windows Server 2019Microsoft · Windows Server 2019 (Server Core installation)Microsoft · Windows Server, version 1803 (Server Core Installation)Microsoft · Windows Server, version 1903 (Server Core installation)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →