Description
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'.
Scores
CVSS v3
5.9
EPSS
0.1300
EPSS Percentile
94.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-354
Status
published
Products (18)
microsoft/windows_10
microsoft/windows_10
1607
microsoft/windows_10
1703
microsoft/windows_10
1709
microsoft/windows_10
1803
microsoft/windows_10
1809
microsoft/windows_10
1903
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 8 more
Published
Oct 10, 2019
Tracked Since
Feb 18, 2026