CVE-2019-1392

EUVD-2019-9949
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_8.1
-
microsoftwindows_rt_8.1
-
microsoftwindows_server_2012
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4525232
Windows 8.1
(x64, x86)
KB4525250
Windows RT 8.1
All
KB4525243
Windows Server 2012
Server Core
KB4525253
Standard
KB4525253
Windows Server 2012 R2
Server Core
KB4525250
Standard
KB4525250
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1392
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1392