CVE-2019-1161

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. The update addresses the vulnerability and blocks the arbitrary deletion.

Published: Aug 14, 2019
Updated: May 30, 2024
CVE: CVE-2019-1161
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.6
AV:L/AC:L/Au:N/C:N/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / system_center_endpoint_protection	-	-
microsoft / system_center_endpoint_protection	2012-r2	2012-r2.x
microsoft / system_center_endpoint_protection	2012	2012.x

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1161

Vulnerability Database

289,697

CVE-2019-1161