⚠ Actively exploited

Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2019-1214 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121414 documents11 sources

Severity

7.8HIGHNVD

EPSS

3.7%

top 12.06%

CISA KEV

KEV

Added 2021-11-03

Due 2022-05-03

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Windows Microsoft Windows 10 Version 1903 FOR 32-bit Systems Microsoft Windows 10 Version 1903 FOR Arm64-based Systems +20 more

Timeline

PublishedSep 11

KEV addedNov 3

KEV dueMay 3

Latest updateNov 15

CISA Required Action: Apply updates per vendor instructions.

Description

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages22 packages

▶CVEListV5microsoft/windows_10_version_1903_for_32-bit_systemsunspecified

▶CVEListV5microsoft/windows_10_version_1903_for_x64-based_systemsunspecified

▶CVEListV5microsoft/windows_10_version_1903_for_arm64-based_systemsunspecified

▶msrcmsrc/windows_7

▶msrcmsrc/windows_10

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-2q4x-j5p2-9wxv: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Window↗2022-05-24

▶

VulnCheck

Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability↗2019

▶

📋Vendor Advisories

Red Hat

bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).↗2024-11-15

▶

CISA

Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability↗2021-11-03

▶

Microsoft

Windows Common Log File System Driver Elevation of Privilege Vulnerability↗2019-09-10

▶

🕵️Threat Intelligence

Qualys

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys↗2022-02-23

▶

Trendmicro

September Patch Tuesday: RDP Vulns and Zero-Days↗2019-09-11

▶

Trendmicro

September Patch Tuesday: RDP Vulns and Zero-Days↗2019-09-11

▶

Krebs

Patch Tuesday, September 2019 Edition↗2019-09-10

▶

Tenable

Microsoft's September 2019 Patch Tuesday: Tenable Roundup↗2019-09-10

▶

External resources

NVD MITRE CISA KEV

Affected products23

Microsoft Windowsv10 Version 1607 for 32-bit Systemsv10 Version 1607 for x64-based Systemsv10 Version 1703 for 32-bit Systems+17 more

Microsoft Windows 10 Version 1903 FOR 32-bit Systemsvunspecified

Microsoft Windows 10 Version 1903 FOR Arm64-based Systemsvunspecified

Microsoft Windows 10 Version 1903 FOR X64-based Systemsvunspecified

Microsoft Windows Serverv2008 R2 for Itanium-Based Systems Service Pack 1v2008 R2 for x64-based Systems Service Pack 1v2008 R2 for x64-based Systems Service Pack 1 (Core installation)+14 more

Microsoft Windows Server 2008vr2

Microsoft Windows Server 2012vr2

Msrc Windows 10

Msrc Windows 10 Version 1607

Msrc Windows 10 Version 1703

Disclosure

PublishedSep 11, 2019

KEV addedNov 3, 2021

KEV dueMay 3, 2022

Latest updateNov 15, 2024