An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1322, CVE-2019-1340.
An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1322, CVE-2019-1340.
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows | 10 Version 1709 for 32-bit Systems, 10 Version 1709 for x64-based Systems, 10 Version 1803 for 32-bit Systems, 10 Version 1803 for x64-based Systems, 10 Version 1803 for ARM64-based Systems, 10 Version 1809 for 32-bit Systems, 10 Version 1809 for x64-based Systems, 10 Version 1809 for ARM64-based Systems, 10 Version 1709 for ARM64-based Systems |
| Microsoft | Windows Server | version 1803 (Core Installation), 2019, 2019 (Core installation) |
| Microsoft | Windows 10 Version 1903 for 32 | bit Systems — unspecified |
| Microsoft | Windows 10 Version 1903 for x64 | based Systems — unspecified |
| Microsoft | Windows 10 Version 1903 for ARM64 | based Systems — unspecified |
| Microsoft | Windows Server, version 1903 (Server Core installation) | unspecified |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice: