CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
CVE-2019-0786 | Hyper-V vSMB Remote Code Execution Vulnerability | Windows 10 | Critical | 11-04-2019 |
Technical Information
Brief overview of the risk:
An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker who successfully exploited this vulnerability could bypass certain security checks in the operating system.
Detailed Information on the risk:
To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
Further information on this exploit is available at : CVE-2019-0786
Affected Software
Windows 10 Version 1709 for 32-bit Systems,
Windows 10 Version 1709 for x64-based Systems,
Windows Server, version 1709 (Server Core Installation),
Windows 10 Version 1803 for 32-bit Systems,
Windows 10 Version 1803 for x64-based Systems,
Windows Server, version 1803 (Server Core Installation),
Windows 10 Version 1803 for ARM64-based Systems,
Windows 10 Version 1809 for 32-bit Systems,
Windows 10 Version 1809 for x64-based Systems,
Windows 10 Version 1809 for ARM64-based Systems,
Windows Server 2019,
Windows Server 2019 (Server Core installation),
Windows 10 Version 1709 for ARM64-based Systems