vulnerability
Microsoft Windows: CVE-2019-0707: Windows NDIS Elevation of Privilege Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | May 14, 2019 | May 14, 2019 | Sep 5, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
May 14, 2019
Added
May 14, 2019
Modified
Sep 5, 2025
Description
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level, aka 'Windows NDIS Elevation of Privilege Vulnerability'.
Solutions
microsoft-windows-windows_10-1507-kb4499154microsoft-windows-windows_10-1607-kb4494440microsoft-windows-windows_10-1703-kb4499181microsoft-windows-windows_10-1709-kb4499179microsoft-windows-windows_10-1803-kb4499167microsoft-windows-windows_10-1809-kb4494441microsoft-windows-windows_10-1903-kb4497936microsoft-windows-windows_server_2012-kb4499158microsoft-windows-windows_server_2012_r2-kb4499165microsoft-windows-windows_server_2016-1607-kb4494440microsoft-windows-windows_server_2019-1809-kb4494441msft-kb4497936-10429ff2-9c14-4fb1-abdc-a105642cb1admsft-kb4499158-93082475-fee3-46cf-8c33-1d26b56c536fmsft-kb4499158-b4ae50b9-4f14-4eaf-8574-6b7a66beb9cbmsft-kb4499165-4b02df8e-e169-4d3a-a07e-bff78bc2efe3msft-kb4499165-b6296768-ff16-4e28-aa22-9e8938569154
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.