CVE-2019-1215

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 11, 2019

Updated: Aug 24, 2020

Summary

CVE-2019-1215 is an elevation of privilege vulnerability that affects the way ws2ifsl.sys (Winsock) handles memory objects. This issue grants unauthorized users higher access privileges, constituting a serious security threat. It is distinct from other vulnerabilities with CVE IDs 2019-1253, 2019-1278, and 2019-1303. Microsoft has addressed this vulnerability in a security update, and it is highly recommended that users install the patch to mitigate potential risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows 10
Microsoft Windows 8.1
Microsoft Windows Server 2012

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/bP-l64
https://www.cve.org/CVERecord?id=CVE-2019-1215
https://nvd.nist.gov/vuln/detail/CVE-2019-1215

Back to Vulnerability Database