⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2019-1040Microsoft Windows 10 Version 1507 vulnerability

6 documents6 sources
Severity
5.3MEDIUMNVD
EPSS
89.7%
top 0.43%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
22
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1703+19 more
Timeline
PublishedJun 12
Latest updateMay 24

Description

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature. The update addresses the vulner

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages22 packages

CVEListV5microsoft/windows_server_20126.2.9200.0publication
CVEListV5microsoft/windows_server_201610.0.14393.0publication
CVEListV5microsoft/windows_server_201910.0.17763.0publication
CVEListV5microsoft/windows_server_2012_r26.3.9600.0publication
CVEListV5microsoft/windows_server_2008_service_pack_26.0.6003.0publication+1

Patches

Patch: portal.msrc.microsoft.com

🔴Vulnerability Details

3
GHSA
GHSA-8vpr-83m7-3f7q: A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity2022-05-24
CVEList
Windows NTLM Tampering Vulnerability2019-06-12
VulnCheck
Windows NTLM Tampering2019

📋Vendor Advisories

1
Microsoft
Windows NTLM Tampering Vulnerability2019-06-11

🕵️Threat Intelligence

1
Huntress
CVE-2019-1040 Vulnerability: Analysis, Impact, Mitigation | Huntress
CVE-2019-1040 — Microsoft vulnerability | cvebase