CVE-2019-0721 — Improper Input Validation in Microsoft Windows

CWE-20 — Improper Input Validation17 documents9 sources

Severity

9.1CRITICALNVD

EPSS

2.0%

top 16.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Microsoft Windows 10 Version 1903 FOR X64-based Systems Microsoft Windows Server +4 more

Timeline

PublishedNov 12

Latest updateMay 24

Description

A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0719.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

Affected Packages5 packages

▶CVEListV5microsoft/windows_server13 versions+12

▶CVEListV5microsoft/windows_10_version_1903_for_x64-based_systemsunspecified

▶CVEListV5microsoft/windows6 versions+5

▶NVDmicrosoft/windowsr2, 1803, 1903+2

▶NVDmicrosoft/windows_105 versions+4

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-c9x8-4v35-37qf: A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticat↗2022-05-24

▶

GHSA

GHSA-wgjq-j646-4ghv: A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticat↗2022-05-24

▶

CVEList

CVE-2019-0721: A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticat↗2019-11-12

▶

CVEList

CVE-2019-0719: A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticat↗2019-11-12

▶

💥Exploits & PoCs

Metasploit

Microsoft Exchange ProxyLogon Collector↗

▶

Metasploit

Microsoft Exchange ProxyLogon Scanner↗

▶

Metasploit

Microsoft Exchange ProxyLogon RCE↗

▶

📋Vendor Advisories

Microsoft

Hyper-V Remote Code Execution Vulnerability↗2019-11-12

▶

🕵️Threat Intelligence

Trendmicro

November Patch Tuesday: 74 Fixes Before Major Update↗2019-11-13

▶

Trendmicro

November Patch Tuesday: 74 Fixes Before Major Update↗2019-11-13

▶

Qualys

November 2019 Patch Tuesday – 74 vulns, 13 Critical, Actively Attacked IE vuln, Hyper-V escapes, Adobe↗2019-11-12

▶

Talos

Microsoft Patch Tuesday — Nov. 2019: Vulnerability disclosures and Snort coverage↗2019-11-12

▶

Talos

Microsoft Patch Tuesday — Nov. 2019: Vulnerability disclosures and Snort coverage↗2019-11-12

▶