Vulnerability Details CVE-2019-0707
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level, aka 'Windows NDIS Elevation of Privilege Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 48.1%
CVSS Severity
CVSS v3 Score 7.0
CVSS v2 Score 6.9
References
Products affected by CVE-2019-0707
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_10:1809
-
cpe:2.3:o:microsoft:windows_10:1903
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2019:-
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.1999
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2061
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2114
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2183
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2300
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2452
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2565
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2803
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2928
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3046
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3165
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3287
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3406
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3532
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3650
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3770
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3887
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4010
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4252
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4851
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4974
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5122
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5329
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5458
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5576
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5696
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5820
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5936
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6054
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6189
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6293
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6414
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6532
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6659
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.7009
-
cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.7434