CVE-2019-19470

HIGH

TinyWall <2.1.12 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-19470. PoCs published by juliourena.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2019-19470, demonstrating a .NET deserialization vulnerability via named pipes. The code includes client and server components for sending and receiving malicious serialized payloads.

Description

Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.

Exploits (1)

nomisec WORKING POC

by juliourena · poc

https://github.com/juliourena/CVE-2019-19470-RedTeamRD

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2019-19470, demonstrating a .NET deserialization vulnerability via named pipes. The code includes client and server components for sending and receiving malicious serialized payloads.

Classification

Working Poc 90%

Attack Type

Deserialization

Complexity

Moderate

Reliability

Reliable

Target: .NET applications using BinaryFormatter

No auth needed

Prerequisites: Named pipe access · Vulnerable .NET application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505 - Server Software Component

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory x_refsource_misc

https://www.wilderssecurity.com/threads/beta-testing-tinywall.309739/page-62#post-2882843

Third Party Advisory x_refsource_misc

https://gist.github.com/pylorak/7df52c9325614676e07782dbe4e81582

Scores

CVSS v3 7.8

EPSS 0.0095

EPSS Percentile 56.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-502

Status published

Products (1)

tinywall/tinywall < 2.1.13

Published Dec 30, 2019

Tracked Since Feb 18, 2026