Windows Runtime Elevation of Privilege Vulnerability in Microsoft Products
CVE-2019-0570

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows Server 2012 R2
Windows Rt 8.1
Windows Server 2012
Windows Server 2019
Vendor
CVE Published:
8 January 2019

What is CVE-2019-0570?

An elevation of privilege vulnerability exists due to improper handling of objects in memory by the Windows Runtime. This flaw allows attackers to exploit the vulnerability and gain heightened access privileges, enabling them to execute arbitrary code with elevated permissions. Affected systems include various Windows Server and desktop versions, making it a significant security concern for users and administrators alike.

Affected Version(s)

Windows 10 32-bit Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

References

https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/106415
vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/46184/
exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.