module
Microsoft UPnP Local Privilege Elevation Vulnerability
| Disclosed |
|---|
| Nov 12, 2019 |
Disclosed
Nov 12, 2019
Description
This exploit uses two vulnerabilities to execute a command as an elevated user.
The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to
NT AUTHORITY\LOCAL SERVICE
The second (CVE-2019-1322) leverages the Update Orchestrator Service to
elevate from NT AUTHORITY\LOCAL SERVICE to NT AUTHORITY\SYSTEM.
The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to
NT AUTHORITY\LOCAL SERVICE
The second (CVE-2019-1322) leverages the Update Orchestrator Service to
elevate from NT AUTHORITY\LOCAL SERVICE to NT AUTHORITY\SYSTEM.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.