TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2019-0543

HIGHCISA KEV
7.8

Beschreibung

An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE Details

CVSS v3.1 Bewertung7.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht1/8/2019
Zuletzt geandert1/14/2026
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerMicrosoft
ProduktWindows
SchwachstellennameMicrosoft Windows Privilege Escalation Vulnerability
KEV Aufnahmedatum2022-03-15
Behebungsfrist2022-04-05
Ransomware-NutzungKnown

Betroffene Produkte

microsoft:windows_10_1507microsoft:windows_10_1607microsoft:windows_10_1703microsoft:windows_10_1709microsoft:windows_10_1803microsoft:windows_10_1809microsoft:windows_7microsoft:windows_8.1microsoft:windows_rt_8.1microsoft:windows_server_1709microsoft:windows_server_1803microsoft:windows_server_2008microsoft:windows_server_2012microsoft:windows_server_2016microsoft:windows_server_2019

Schwachen (CWE)

CWE-287CWE-287

Referenzen

http://www.securityfocus.com/bid/106408(secure@microsoft.com)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0543(secure@microsoft.com)
https://www.exploit-db.com/exploits/46156/(secure@microsoft.com)
http://www.securityfocus.com/bid/106408(af854a3a-2127-422b-91ae-364da2661108)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0543(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/46156/(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0543(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.