CVE-2019-1345

MEDIUM

Windows 10 and Windows Server 2016/2019 - Out-of-bounds Read in Kernel Memory Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-1345. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a Windows kernel crash (BSOD) via a malformed PE image, triggering a PAGE_FAULT_IN_NONPAGED_AREA in nt!MiParseImageLoadConfig when loaded via LoadLibraryEx. The PoC is a minimized PE file that causes a DoS when interacted with in Explorer or APIs like GetFileVersionInfoSizeExW.

Description

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1334.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/47487

View Code ZIP pw:eip

This exploit demonstrates a Windows kernel crash (BSOD) via a malformed PE image, triggering a PAGE_FAULT_IN_NONPAGED_AREA in nt!MiParseImageLoadConfig when loaded via LoadLibraryEx. The PoC is a minimized PE file that causes a DoS when interacted with in Explorer or APIs like GetFileVersionInfoSizeExW.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Windows 10, Windows Server 2019 (32-bit and 64-bit)

No auth needed

Prerequisites: Ability to place a malformed PE file on the target system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory x_refsource_misc

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1345

Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/154800/Microsoft-Windows-Kernel-nt-MiParseImageLoadConfig-Out-Of-Bounds-Read.html

Scores

CVSS v3 5.5

EPSS 0.0283

EPSS Percentile 84.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-125

Status published

Products (10)

microsoft/windows_10

microsoft/windows_10 1607

microsoft/windows_10 1709

microsoft/windows_10 1803

microsoft/windows_10 1809

microsoft/windows_10 1903

microsoft/windows_server_2016

microsoft/windows_server_2016 1803

microsoft/windows_server_2016 1903

microsoft/windows_server_2019

Published Oct 10, 2019

Tracked Since Feb 18, 2026