VDB
CVE-2019-0863
CVE-2019-0863
PUBLISHED
KEV
CVSS 7.199999809265137 HIGH
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level, aka 'Windows NDIS Elevation of Privilege Vulnerability'.
EPSS 6.16% · 91.0th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
6.16%
91.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Server | 2012, 2019, version 1803 (Core Installation) |
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems | unspecified, unspecified |
| microsoft | windows_7 | |
| microsoft | windows_10_1709 | |
| microsoft | windows_10_1703 | |
| microsoft | windows_server_2008 | r2, r2, r2 |
| microsoft | windows_10_1507 | |
| microsoft | windows_server_2019 | |
| Microsoft | Windows Server, version 1903 (Server Core installation) | unspecified, unspecified |
| Microsoft | Windows 10 Version 1903 for 32-bit Systems | unspecified, unspecified |
| microsoft | windows_10_1903 | |
| microsoft | windows_server_2012 | r2, *, r2 |
| microsoft | windows_server_1903 | |
| microsoft | windows_server_2016 | |
| microsoft | windows_10_1803 | |
| Microsoft | Windows | 10 Version 1809 for 32-bit Systems, 10 Version 1803 for ARM64-based Systems, 10 Version 1803 for x64-based Systems |
| microsoft | windows_10_1809 | |
| microsoft | windows_rt_8.1 | |
| microsoft | windows_10_1607 | |
| Microsoft | Windows 10 Version 1903 for x64-based Systems | unspecified, unspecified |
…and 2 more
Exploit Intelligence
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0707 (circl)
- CIRCL seen: CVE-2019-0863 (circl-sighting)
- CIRCL seen: CVE-2019-0863 (circl-sighting)
- CIRCL seen: CVE-2019-0863 (circl-sighting)
- CIRCL seen: CVE-2019-0863 (circl-sighting)
- CIRCL seen: CVE-2019-0863 (circl-sighting)
- CIRCL seen: CVE-2019-0863 (circl-sighting)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0863 (circl)
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0863 (circl)
- http://packetstormsecurity.com/files/153008/Angry-Polar-Bear-2-Microsoft-Windows-Error-Reporting-Local-Privilege-Escalation.html (circl)
…and 26 more exploits
Timeline
- May 14, 2019 VulnCheck KEV Exploitation
- May 15, 2019 CVE Published
- May 15, 2019 PoC Published
- May 24, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Nov 3, 2021 CISA KEV Added
- Nov 8, 2021 PoC Published
- Nov 20, 2021 PoC Published
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0863 url
- http://packetstormsecurity.com/files/153008/Angry-Polar-Bear-2-Microsoft-Windows-Error-Reporting-Local-Privilege-Escalation.html url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0863 url
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-0863 advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0707 url