Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-1170Missing Authorization in Microsoft Windows 10 Version 1809

CWE-862Missing Authorization6 documents5 sources
Severity
8.8HIGHNVD
EPSS
1.0%
top 23.52%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
15
Microsoft Windows 10 Version 1809Microsoft Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Windows 10 Version 1903 FOR Arm64-based Systems+12 more
Timeline
PublishedAug 14
Latest updateMay 24

Description

An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by preventing sandboxed

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages15 packages

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-56c7-crpq-gf4p: An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Eleva2022-05-24

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows 10 - SET_REPARSE_POINT_EX Mount Point Security Feature Bypass2019-08-26

📋Vendor Advisories

1
Microsoft
Windows NTFS Elevation of Privilege Vulnerability2019-08-13

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday — Aug. 2019: Vulnerability disclosures and Snort coverage2019-08-13
Talos
Microsoft Patch Tuesday — Aug. 2019: Vulnerability disclosures and Snort coverage2019-08-13
CVE-2019-1170 — Missing Authorization in Microsoft | cvebase