Attacker Value
Moderate
(1 user assessed)
Exploitability
Moderate
(1 user assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
0

CVE-2019-1169

Disclosure Date: August 14, 2019
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.

Add Assessment

1
Ratings
Technical Analysis

Wrote up a full analysis of this bug in two parts at https://versprite.com/blog/security-research/cve-2019-1169-vulnerability-windows/. I believe that in reality CVE-2019-1169 actually covers several vulnerabilities, as if one looks at ZDI’s advisory at https://www.zerodayinitiative.com/advisories/ZDI-19-709/ they can see that one of the bugs covered by CVE-2019-1169 is actually an information leak.

My blog post covers this information leak which is exploitable by attackers who have some knowledge of how Windows messages work and how windows hooks and event hooks operate. Exploiting the vulnerability is only possible on Windows 7 x86 and prior as it is a NULL pointer dereference vulnerability, however successful exploitation results in the ability to read a DWORD worth of information at two arbitrary addresses in kernel memory per exploitation attempt.

I have also written up exploit code which will trigger this info leak vulnerability, which is available at https://github.com/VerSprite/research/tree/master/exploits/Ndays/CVE-2019-1169

CVSS V3 Severity and Metrics
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Vendors

  • microsoft

Products

  • windows 7 -,
  • windows server 2008 -,
  • windows server 2008 r2

Additional Info

Technical Analysis