V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsDocs
Back to catalog
CVE-2019-0881
MSR
HighConfirmedExploit available

An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of…

CVSS
7.8
High
EPSS
0.04
p89
Published
2019-01-01
Updated
2019-01-01
Description

An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

Tags · CWE
CWE-522
CAPEC-50
CAPEC-102
CAPEC-474
CAPEC-509
CAPEC-551
CAPEC-555
CAPEC-560
CAPEC-561
CAPEC-600
CAPEC-644
CAPEC-645
CAPEC-652
CAPEC-653
Affected products
Windows_10Windows_7Windows_8.1Windows_rt_8.1Windows_server_2008Windows_server_2012Windows_server_2016Windows_server_2019
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Timeline
2019-01-01
Published
2019-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: L
Low (L)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.043 · p89
Known exploited (KEV)
No
MITRE ATT&CK
Inferred via CAPEC
└ via CAPEC-555 · CWE-522
└ via CAPEC-561 · CWE-522
└ via CAPEC-560 · CWE-522
└ via CAPEC-600 · CWE-522
└ via CAPEC-555 · CWE-522
└ via CAPEC-555 · CWE-522
└ via CAPEC-551 · CWE-522
└ via CAPEC-644 · CWE-522
└ via CAPEC-645 · CWE-522
└ via CAPEC-474 · CWE-522
└ via CAPEC-652 · CWE-522
└ via CAPEC-509 · CWE-522
Known exploits — Сканер-ВС
46912
exploitdb · https://www.exploit-db.com/exploits/46912
Enterprise
Affected software
ProductVendorStatus
windows_10*Tracked
windows_7*Tracked
windows_8.1*Tracked
windows_rt_8.1*Tracked
windows_server_2008*Tracked
windows_server_2012*Tracked
windows_server_2016*Tracked
windows_server_2019*Tracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
Source databases
MSR
CVE
Related vulnerabilities
BDU:2019-01991