CVE-2019-1322

HIGH KEV RANSOMWARE

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1340.

Exploits (3)

patchapalooza WORKING POC

by apt69 · local

https://github.com/apt69/COMahawk

View Code ZIP pw:eip

exploitdb SUSPICIOUS

localwindows

https://www.exploit-db.com/exploits/47684

View on exploitdb

exploitdb WORKING POC

rubylocalwindows

https://www.exploit-db.com/exploits/47805

View on exploitdb

References (3)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/155723/Microsoft-UPnP-Local-Privilege-Elevation.html

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1322

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1322

Scores

CVSS v3 7.8

EPSS 0.3649

EPSS Percentile 97.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2022-03-15

VulnCheck KEV 2020-03-27

InTheWild.io 2022-02-27

ENISA EUVD EUVD-2019-9881

Ransomware Use Confirmed

Classification

Status published

Affected Products (12)

microsoft/windows_10_1803

microsoft/windows_10_1809

microsoft/windows_10_1903

microsoft/windows_server_1803

microsoft/windows_server_1903

microsoft/windows_server_2019

Timeline

Published Oct 10, 2019

KEV Added Mar 15, 2022

Tracked Since Feb 18, 2026