Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.5
CVSSv3

CVE-2019-1019

Published: 12/06/2019 Updated: 24/08/2020
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 8.5 | Impact Score: 6 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Subscribe to Windows Server 2019

Vulnerability Summary

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2019 -

microsoft windows server 2016 1903

microsoft windows server 2016 -

microsoft windows 10 1703

microsoft windows 10 1709

microsoft windows 10 1803

microsoft windows 10 1809

microsoft windows server 2012 r2

microsoft windows server 2008 r2

microsoft windows 7 -

microsoft windows 10 -

microsoft windows server 2008 -

microsoft windows 8.1 -

microsoft windows rt 8.1 -

microsoft windows server 2016 1803

microsoft windows server 2012 -

microsoft windows 10 1903

microsoft windows 10 1607

Exploits

Exploit DB: Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation
VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is allowed to create TCP sockets In particular, I was able to combine the issues mentioned below with a bug in Chromium to escape its sandbox ## HTTP -> SMB NTLM reflection This is a long known attack that ...

Github Repositories

https://github.com/lazaars/UltraRealy_with_CVE-2019-1040

Updated version for the tool UltraRealy with support of the CVE-2019-1040 exploit

UltraRelay Updated by Lazaar Sami for the exploit CVE-2019-1040 UltraRelay is a tool for LLMNR poisoning and relaying NTLM credentials It is based on Responder and impack I have updated the original version (githubcom/5alt/ultrarelay) for the exploit CVE-2019-1040 Dirk-jan Mollema has updated ntlmrelayx (part of githubcom/CoreSecurity/impacket) to have a --

Recent Articles

Microsoft Patch Tuesday – June 2019
Symantec Threat Intelligence Blog • Himanshu Mehta • 12 Jun 2024

This month the vendor has patched 88 vulnerabilities, 20 of which are rated Critical.

Posted: 12 Jun, 201931 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – June 2019This month the vendor has patched 88 vulnerabilities, 20 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid h...

Read more...

References

CWE-200https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1019http://packetstormsecurity.com/files/153639/Microsoft-Windows-HTTP-To-SMB-NTLM-Reflection-Privilege-Escalation.htmlhttps://nvd.nist.govhttps://github.com/lazaars/UltraRealy_with_CVE-2019-1040https://www.exploit-db.com/exploits/47115
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook