CVE-2019-1388
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- November 26, 2018
- Published Date
- November 12, 2019
- Last Updated
- February 07, 2025
- Vendor
- Microsoft
- Product
- Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)
- Description
- An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.
- Tags
- Exploitation
- active
- Technical Impact
- total
CVSS Scores
CVSS v3.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
SSVC Information
References
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2023-04-07 00:00:00 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
suprise4u/CVE-2019-1388
Type: github • Created: 2021-06-07 22:29:08 UTC • Stars: 5
nobodyatall648/CVE-2019-1388
Type: github • Created: 2021-05-05 08:22:34 UTC • Stars: 20
sv3nbeast/CVE-2019-1388
Type: github • Created: 2019-11-27 02:47:37 UTC • Stars: 74
jaychouzzk/CVE-2019-1388
Type: github • Created: 2019-11-21 08:38:38 UTC • Stars: 0
jas502n/CVE-2019-1388
Type: github • Created: 2019-11-21 06:26:27 UTC • Stars: 186
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Proof of Concept Exploit Available
-
Exploit Used in Malware
-
Added to KEVIntel