CVE-2019-0717 — Improper Input Validation in Microsoft Windows 10 Version 1809
Severity
5.8MEDIUMNVD
EPSS
1.0%
top 22.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 14
Latest updateMay 24
Description
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.
To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.
The upd…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.3 | Impact: 4.0
Affected Packages9 packages
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-425q-pgcw-3w5r: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24
GHSA▶
GHSA-7h5f-427r-gfxv: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24
GHSA▶
GHSA-53v3-5x5v-xq33: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24
GHSA▶
GHSA-pwvm-jjrr-8fqg: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24
GHSA▶
GHSA-vh9p-fw52-m8xc: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24