Windows COM Elevation of Privilege Vulnerability in Microsoft Products
CVE-2019-0552

8.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows Server 2012 R2
Windows Rt 8.1
Windows Server 2019
Windows Server 2016
Vendor
CVE Published:
8 January 2019

What is CVE-2019-0552?

This vulnerability in Windows COM Desktop Broker allows attackers to gain elevated privileges on affected Microsoft products. By exploiting this flaw, a user can take control of the system and perform unauthorized actions, posing significant risks to the security and integrity of the system. The vulnerability impacts various environments, including multiple editions of Windows Server and Windows client versions. It is crucial for users to apply the recommended security updates to mitigate potential exploitation.

Affected Version(s)

Windows 10 32-bit Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

References

https://www.exploit-db.com/exploits/46162/
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/106407
vdb-entryx_refsource_BID
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.