New Search

Hyper-V vSMB Remote Code Execution Vulnerability - CVE-2019-0786

oval:org.cisecurity:def:6389

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities an attacker running inside a virtual machine could run a specially crafted application that could cause the Hyper-V host operating system to execute arbitrary code. The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2019
  • Microsoft Windows 10
Class:
vulnerability
Reference(s):
  • CVE-2019-0786
  • MSRC-CVE-2019-0786
  • KB4493441
  • KB4493464
  • KB4493509
Product(s):