Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-0786: Hyper-V vSMB Remote Code Execution Vulnerability

Back to Search

Microsoft CVE-2019-0786: Hyper-V vSMB Remote Code Execution Vulnerability

Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
04/09/2019
Created
04/22/2019
Added
04/09/2019
Modified
08/21/2019

Description

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities, an attacker running inside a virtual machine could run a specially crafted application that could cause the Hyper-V host operating system to execute arbitrary code. The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data.

Solution(s)

  • msft-kb4493441-30e70ea5-db98-4921-9fb6-cd711cbe111c
  • msft-kb4493441-c48d3b04-de61-45f8-aa09-19dcdcbf27cf
  • msft-kb4493441-d4df103d-2ae9-4b1a-a4a3-615b9cceb666
  • msft-kb4493464-1a60bdf0-0746-4b51-b98a-c7aa184e0e65
  • msft-kb4493464-2678ef0e-1396-499a-aa6d-7b5edc40c1ed
  • msft-kb4493464-8c293f3f-ae3d-46af-870d-ed61b2fe12e0
  • msft-kb4493509-08d3a825-29af-4ebd-b167-019a45e87fb8
  • msft-kb4493509-623b4e44-1f39-4496-9836-dc80be3ce2cc
  • msft-kb4493509-b866c1a6-ae98-449c-9285-c3008ae7bebc

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;