New Search

Windows Elevation of Privilege Vulnerability - CVE-2019-1420

oval:org.cisecurity:def:6759

An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the dssvc.dll properly handles this type of functionality.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2019-1420
  • MSRC-CVE-2019-1420
  • KB4525232
  • KB4525236
  • KB4525241
  • KB4525237
  • KB4523205
  • KB4524570
Product(s):