CVE-2019-0603 : A remote code execution vulnerability exists in the way that Windows Deployment

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory, aka 'Windows Deployment Services TFTP Server Remote Code Execution Vulnerability'.

Published 2019-04-08 23:29:00

Updated 2020-08-24 17:37:01

Source Microsoft Corporation

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2019-0603

Microsoft » Windows Server 2008 » Version: N/A Update SP2
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 Update SP1 For Itanium
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 Update SP1 For X64
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
Matching versions
Microsoft » Windows 7 » Version: N/A Update SP1
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: R2
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 8.1 » Version: N/A
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Rt 8.1 » Version: N/A
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1607
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1803
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1809
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: 1803
cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2019 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-0603

EPSS FAQ

37.74%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 97 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-0603

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.5	HIGH	AV:N/AC:M/Au:S/C:C/I:C/A:C	6.8	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.5	HIGH	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H	1.6	5.9	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2019-0603

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0603

CVE-2019-0603 | Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2019-0603

Products affected by CVE-2019-0603

Exploit prediction scoring system (EPSS) score for CVE-2019-0603

CVSS scores for CVE-2019-0603

References for CVE-2019-0603