6
CVSSv2

CVE-2019-1019

Published: 12/06/2019 Updated: 19/07/2019
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 8.5 | Impact Score: 6 | Exploitability Score: 1.8
VMScore: 534
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

A vulnerability in the NT (New Technology) LAN Manager (NTLM) component of Microsoft Windows could allow an unauthenticated, remote malicious user to bypass security restrictions on a targeted system. The vulnerability exists because the affected software improperly handles validation of network authentication messages. An attacker could exploit the vulnerability by sending authentication requests that submit malicious input to the affected software. A successful exploit could allow the malicious user to access another system with the privileges of the original user. Microsoft confirmed the vulnerability and released software updates.

Vulnerability Trend

Exploits

VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is allowed to create TCP sockets In particular, I was able to combine the issues mentioned below with a bug in Chromium to escape its sandbox ## HTTP -> SMB NTLM reflection This is a long known attack that ...

Github Repositories

UltraRelay Updated by Lazaar Sami for the exploit CVE-2019-1040 UltraRelay is a tool for LLMNR poisoning and relaying NTLM credentials It is based on Responder and impack I have updated the original version (githubcom/5alt/ultrarelay) for the exploit CVE-2019-1040 Dirk-jan Mollema has updated ntlmrelayx (part of githubcom/CoreSecurity/impacket) to have a --

Recent Articles

Microsoft Patch Tuesday – June 2019
Symantec Threat Intelligence Blog • Himanshu Mehta • 12 Jun 2019

This month the vendor has patched 88 vulnerabilities, 20 of which are rated Critical.

Posted: 12 Jun, 201931 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – June 2019This month the vendor has patched 88 vulnerabilities, 20 of which are rated Critical.As always, customers are advised to follow these security best practices:


Install vendor patches as soon as they are available.
Run all software with the least privileges required while still mainta...

Microsoft Patches Four Publicly-Known Vulnerabilities
Threatpost • Tom Spring • 11 Jun 2019

Microsoft patched four Windows operating system bugs – all of which are already publicly known or have proof of concept exploits – as part of its June Patch Tuesday security bulletin. Each of the vulnerabilities are rated important and there are no reports of public exploitation for the flaws.
The four bugs are part of a total of 88 vulnerabilities that were patched by Microsoft this month, 21 of which are rated critical, 66 rated important and one moderate.
Raising the most conc...

Near-Ubiquitous Microsoft RCE Bugs Affect All Versions of Windows
Threatpost • Tara Seals • 11 Jun 2019

UPDATE
Two Microsoft vulnerabilities, CVE-2019-1040 and CVE-2019-1019, would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.
According to researchers at Preempt, who discovered the flaws, the two CVEs consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. A successful exploit would allow an attacker to read a...

Microsoft NTLM Flaws Expose All Windows Machines to RCE Attacks
BleepingComputer • Sergiu Gatlan • 11 Jun 2019

Two critical vulnerabilities in Microsoft's NTLM authentication protocol consisting of three logical flaws make it possible for attackers to run remote code and authenticate on machines running any Windows version.
As Preempt's research team discovered, threat actors can "remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS."
The Windows NTLM (short for NT LAN Manager)...