CVE-2019-1368Microsoft Windows vulnerability

6 documents5 sources
Severity
4.6MEDIUMNVD
EPSS
0.9%
top 23.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Microsoft WindowsMicrosoft Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Windows 10 Version 1903 FOR Arm64-based Systems+4 more
Timeline
PublishedOct 10
Latest updateMay 24

Description

A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages7 packages

CVEListV5microsoft/windows6 versions+5
NVDmicrosoft/windows1803, 1903+1
NVDmicrosoft/windows_101803, 1809, 1903+2
CVEListV5microsoft/windows_server2019, 2019 (Core installation), version 1803 (Core Installation)+2

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-hgqp-2wch-w4wq: A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Fe2022-05-24
CVEList
CVE-2019-1368: A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Fe2019-10-10

📋Vendor Advisories

1
Microsoft
Windows Secure Boot Security Feature Bypass Vulnerability2019-10-08

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage2019-10-08
Talos
Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage2019-10-08
CVE-2019-1368 — Microsoft Windows vulnerability | cvebase