CVE-2019-1405

HIGH KEV RANSOMWARE

Microsoft Windows 10 1507 - Improper Privilege Management

Title source: rule

Description

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/47805
exploitdb SUSPICIOUS
by TomahawkAPT69 · local · windows
https://www.exploit-db.com/exploits/47684
nomisec WORKING POC 350 stars
by apt69 · local
https://github.com/apt69/COMahawk
metasploit WORKING POC EXCELLENT
by NCC Group, hoangprod, bwatters-r7 · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/comahawk.rb

Scores

CVSS v3 7.8
EPSS 0.5391
EPSS Percentile 98.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-15
VulnCheck KEV 2020-03-27
InTheWild.io 2022-02-27
ENISA EUVD EUVD-2019-9962
Ransomware Use Confirmed
CWE CWE-269
Status published
Products (17)
microsoft/windows_10_1507 (2 CPE variants)
microsoft/windows_10_1607 (2 CPE variants)
microsoft/windows_10_1709 (3 CPE variants)
microsoft/windows_10_1803 (3 CPE variants)
microsoft/windows_10_1809 (3 CPE variants)
microsoft/windows_10_1903 (3 CPE variants)
microsoft/windows_7 (2 CPE variants)
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_1803
... and 7 more
Published Nov 12, 2019
KEV Added Mar 15, 2022
Tracked Since Feb 18, 2026