Lucene search
MicrosoftCVE-2019-1436HistoryNov 12, 2019 - 7:15 p.m.
CVE-2019-1436
2019-11-1219:15:15
CWE-200
microsoft
web.nvd.nist.gov
59
cve
2019
1436
information disclosure
win32k component
vulnerability
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
30.4%
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka âWin32k Information Disclosure Vulnerabilityâ. This CVE ID is unique from CVE-2019-1440.
Affected configurations
Node
microsoftwindows_10Match-
ORmicrosoftwindows_10Match1607
ORmicrosoftwindows_10Match1709
ORmicrosoftwindows_10Match1803
ORmicrosoftwindows_10Match1809
ORmicrosoftwindows_10Match1903
ORmicrosoftwindows_server_2016Match-
ORmicrosoftwindows_server_2016Match1803
ORmicrosoftwindows_server_2016Match1903
ORmicrosoftwindows_server_2019Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10 | - | cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1607 | cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1709 | cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1803 | cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1809 | cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1903 | cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | - | cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1803 | cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1903 | cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | - | cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Windows",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Windows Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016"
},
{
"status": "affected",
"version": "2016 (Core installation)"
},
{
"status": "affected",
"version": "version 1803 (Core Installation)"
},
{
"status": "affected",
"version": "2019"
},
{
"status": "affected",
"version": "2019 (Core installation)"
}
]
},
{
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]Related
cvelist
cvelist
CVE-2019-1436
2019-11-12 18:53:13
CVE-2019-1440
2019-11-12 18:53:15
nvd
nvd
CVE-2019-1440
2019-11-12 19:15:15
CVE-2019-1436
2019-11-12 19:15:15
cve
cve
CVE-2019-1440
2019-11-12 19:15:15
prion
prion
Information disclosure
2019-11-12 19:15:00
Information disclosure
2019-11-12 19:15:00
attackerkb
attackerkb
CVE-2019-1436
2019-11-12 00:00:00
symantec
symantec
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Information Disclosure (CVE-2019-1436)
2019-11-12 00:00:00
mscve
mscve
Win32k Information Disclosure Vulnerability
2019-11-12 08:00:00
Win32k Information Disclosure Vulnerability
2019-11-12 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4525241)
2019-11-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4523205)
2019-11-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4525237)
2019-11-13 00:00:00
mskb
mskb
November 12, 2019âKB4523205 (OS Build 17763.864)
2019-11-12 08:00:00
November 12, 2019âKB4524570 (OS Builds 18362.476 and 18363.476) - EXPIRED
2019-11-12 08:00:00
November 12, 2019âKB4525241 (OS Build 16299.1508)
2019-11-12 08:00:00
nessus
nessus
kaspersky
kaspersky
KLA11608 Multiple vulnerabilities in Microsoft Windows
2019-11-12 00:00:00
talosblog
talosblog
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
30.4%
Related for CVE-2019-1436