CVE-2019-1164

CWE-12607 documents5 sources
Severity
7.8HIGH
EPSS
0.7%
top 29.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
28
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1703+25 more
Timeline
PublishedAug 14
Latest updateMay 24

Description

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an aff

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages28 packages

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-cpmc-g47q-x324: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Pr2022-05-24
CVEList
Windows Kernel Elevation of Privilege Vulnerability2019-08-14

📋Vendor Advisories

1
Microsoft
Windows Kernel Elevation of Privilege Vulnerability2019-08-13

💬Community

2
Bugzilla
CVE-2019-19919 nodejs-handlebars: prototype pollution leading to remote code execution via crafted payloads2020-01-10
Bugzilla
CVE-2019-2697 Oracle JDK: Unspecified vulnerability fixed in 7u221 and 8u211 (2D)2019-04-29
CVE-2019-1164 (HIGH CVSS 7.8) | An elevation of privilege vulnerabi | cvebase.io