CVE-2019-1214
CVE-2019-1214
In short
A flaw in Windows' logging driver allows attackers to gain higher system privileges by exploiting how it handles data in memory. This could let someone run malicious code with admin-level access.
Technical detail
The Windows CLFS driver improperly manages memory objects, enabling a local attacker to trigger memory corruption. Successful exploitation results in privilege escalation from user-mode to kernel-mode execution context.
Summary generated and translated by AI from the official description.
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Microsoft · WindowsMicrosoft · Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Windows 10 Version 1903 for x64-based SystemsMicrosoft · Windows ServerMicrosoft · Windows Server, version 1903 (Server Core installation)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →