CVE-2019-1458

Scores

EPSS

0.920high92.0%

0%20%40%60%80%100%

Percentile: 92.0%

CVSS

7.8high3.x

0246810

CVSS Score: 7.8/10

All CVSS Scores

CVSS 3.x

7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0

7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

msrcnvd

Related Vulnerabilities

BDU:2020-00578

Exploits

Exploit ID: CVE-2019-1458

Source: cisa

URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Exploit ID: 48180

Source: exploitdb

URL: https://www.exploit-db.com/exploits/48180

Vulnerable Software (22)

Type: Configuration

Vendor: *

Product: windows_10_1507

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_10_1607

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_7

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_8.1

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_rt_8.1

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_server_2008

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_server_2012

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: windows_server_2016

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530702

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530730

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4534297

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530691

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530698

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4534283

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530734

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530692

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4534310

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530695

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4530719

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4534303

Source: msrc

Russian Vulnerability Scanner Database

CVE-2019-1458

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

Related Vulnerabilities

Exploits

Vulnerable Software (22)