← voltar
CVE-2019-1053

Windows Shell Elevation of Privilege Vulnerability

CVSS 6.3 MEDIUMEPSS 1.3%
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.3EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
12 jun 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require unprivileged execution on the victim system. The security update addresses the vulnerability by correctly validating folder shortcuts.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C