ID

VAR-201905-0993


CVE

CVE-2019-0733


TITLE

Security feature bypass vulnerability in Windows Defender Application Control in multiple Microsoft Windows products and PowerShell Core

Trust: 0.8

sources: JVNDB: JVNDB-2019-004750

DESCRIPTION

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions.

Trust: 1.98

sources: NVD: CVE-2019-0733 // JVNDB: JVNDB-2019-004750 // BID: 108256 // VULMON: CVE-2019-0733

AFFECTED PRODUCTS

vendor: microsoft // model: windows server 2016 // scope: eq // version: 1803

Trust: 1.0

vendor: microsoft // model: windows server 2019 // scope: eq // version: -

Trust: 1.0

vendor: microsoft // model: windows server 2016 // scope: eq // version: 1903

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: 1903

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: 1709

Trust: 1.0

vendor: microsoft // model: windows server 2016 // scope: eq // version: -

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: -

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: 1809

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: 1703

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: 1607

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: 1803

Trust: 1.0

vendor: microsoft // model: windows 10 // scope: eq // version: for 32-bit systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: for x64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1607 for 32-bit systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1607 for x64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1703 for 32-bit systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1703 for x64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1709 for 32-bit systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1709 for 64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1709 for arm64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1803 for 32-bit systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1803 for arm64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1803 for x64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1809 for 32-bit systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1809 for arm64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1809 for x64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1903 for 32-bit systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1903 for arm64-based systems

Trust: 0.8

vendor: microsoft // model: windows 10 // scope: eq // version: version 1903 for x64-based systems

Trust: 0.8

vendor: microsoft // model: windows server // scope: eq // version: version 1803 (server core installation)

Trust: 0.8

vendor: microsoft // model: windows server // scope: eq // version: version 1903 (server core installation)

Trust: 0.8

vendor: microsoft // model: windows server 2016 // scope: eq // version: none

Trust: 0.8

vendor: microsoft // model: windows server 2016 // scope: eq // version: (server core installation)

Trust: 0.8

vendor: microsoft // model: windows server 2019 // scope: eq // version: none

Trust: 0.8

vendor: microsoft // model: windows server 2019 // scope: eq // version: (server core installation)

Trust: 0.8

vendor: microsoft // model: powershell core // scope: eq // version: 6.1

Trust: 0.8

vendor: microsoft // model: powershell core // scope: eq // version: 6.2

Trust: 0.8

vendor: microsoft // model: windows server // scope: eq // version: 20190

Trust: 0.3

vendor: microsoft // model: windows server // scope: eq // version: 19030

Trust: 0.3

vendor: microsoft // model: windows server // scope: eq // version: 18030

Trust: 0.3

vendor: microsoft // model: windows server // scope: eq // version: 2016

Trust: 0.3

vendor: microsoft // model: windows version for x64-based systems // scope: eq // version: 1019030

Trust: 0.3

vendor: microsoft // model: windows version for arm64-based systems // scope: eq // version: 1019030

Trust: 0.3

vendor: microsoft // model: windows version for 32-bit systems // scope: eq // version: 1019030

Trust: 0.3

vendor: microsoft // model: windows version for x64-based systems // scope: eq // version: 1018090

Trust: 0.3

vendor: microsoft // model: windows version for arm64-based systems // scope: eq // version: 1018090

Trust: 0.3

vendor: microsoft // model: windows version for 32-bit systems // scope: eq // version: 1018090

Trust: 0.3

vendor: microsoft // model: windows version for x64-based systems // scope: eq // version: 1018030

Trust: 0.3

vendor: microsoft // model: windows version for arm64-based systems // scope: eq // version: 1018030

Trust: 0.3

vendor: microsoft // model: windows version for 32-bit systems // scope: eq // version: 1018030

Trust: 0.3

vendor: microsoft // model: windows version for x64-based systems // scope: eq // version: 1017090

Trust: 0.3

vendor: microsoft // model: windows version for arm64-based systems // scope: eq // version: 1017090

Trust: 0.3

vendor: microsoft // model: windows version for 32-bit systems // scope: eq // version: 1017090

Trust: 0.3

vendor: microsoft // model: windows version for x64-based systems // scope: eq // version: 1017030

Trust: 0.3

vendor: microsoft // model: windows version for 32-bit systems // scope: eq // version: 1017030

Trust: 0.3

vendor: microsoft // model: windows version for x64-based systems // scope: eq // version: 1016070

Trust: 0.3

vendor: microsoft // model: windows version for 32-bit systems // scope: eq // version: 1016070

Trust: 0.3

vendor: microsoft // model: windows for x64-based systems // scope: eq // version: 100

Trust: 0.3

vendor: microsoft // model: windows for 32-bit systems // scope: eq // version: 100

Trust: 0.3

sources: BID: 108256 // JVNDB: JVNDB-2019-004750 // NVD: CVE-2019-0733

CVSS

SEVERITY

nvd@nist.gov: CVE-2019-0733
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-0733
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-408
value: MEDIUM

Trust: 0.6

VULMON: CVE-2019-0733
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2019-0733
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CVSSV3

nvd@nist.gov: CVE-2019-0733
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 1.8
impactScore: 3.4
version: 3.0

Trust: 1.8

sources: VULMON: CVE-2019-0733 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408 // NVD: CVE-2019-0733

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-254

Trust: 0.8

sources: JVNDB: JVNDB-2019-004750 // NVD: CVE-2019-0733

THREAT TYPE

local

Trust: 0.9

sources: BID: 108256 // CNNVD: CNNVD-201905-408

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-201905-408

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004750

PATCH

title: CVE-2019-0733 | Windows Defender Application Control Security Feature Bypass Vulnerability // url: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0733

Trust: 0.8

title: CVE-2019-0733 | Windows Defender Application Control Security Feature Bypass Vulnerability // url: https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/CVE-2019-0733

Trust: 0.8

title: Microsoft Windows Security vulnerabilities // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92557

Trust: 0.6

title: Symantec Threat Intelligence Blog // url: https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-may-2019

Trust: 0.1

sources: VULMON: CVE-2019-0733 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408

EXTERNAL IDS

db: NVD // id: CVE-2019-0733

Trust: 2.8

db: BID // id: 108256

Trust: 1.0

db: JVNDB // id: JVNDB-2019-004750

Trust: 0.8

db: CNNVD // id: CNNVD-201905-408

Trust: 0.6

db: VULMON // id: CVE-2019-0733

Trust: 0.1

sources: VULMON: CVE-2019-0733 // BID: 108256 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408 // NVD: CVE-2019-0733

REFERENCES

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0733

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-0733

Trust: 1.4

url:http://www.securityfocus.com/bid/108256

Trust: 1.3

url:http://www.microsoft.com/windows/default.mspx

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0733

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20190515-ms.html

Trust: 0.8

url:http://www.jpcert.or.jp/at/2019/at190023.html

Trust: 0.8

url:https://vigilance.fr/vulnerability/windows-vulnerabilities-of-may-2019-29301

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/108256

Trust: 0.1

sources: VULMON: CVE-2019-0733 // BID: 108256 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408 // NVD: CVE-2019-0733

CREDITS

Matt Graeber of SpecterOps

Trust: 0.9

sources: BID: 108256 // CNNVD: CNNVD-201905-408

SOURCES

db: VULMON // id: CVE-2019-0733
db: BID // id: 108256
db: JVNDB // id: JVNDB-2019-004750
db: CNNVD // id: CNNVD-201905-408
db: NVD // id: CVE-2019-0733

LAST UPDATE DATE

2024-08-14T15:43:44.221000+00:00


SOURCES UPDATE DATE

db: VULMON // id: CVE-2019-0733 // date: 2020-08-24T00:00:00
db: BID // id: 108256 // date: 2019-05-14T00:00:00
db: JVNDB // id: JVNDB-2019-004750 // date: 2019-06-06T00:00:00
db: CNNVD // id: CNNVD-201905-408 // date: 2020-08-25T00:00:00
db: NVD // id: CVE-2019-0733 // date: 2020-08-24T17:37:01.140

SOURCES RELEASE DATE

db: VULMON // id: CVE-2019-0733 // date: 2019-05-16T00:00:00
db: BID // id: 108256 // date: 2019-05-14T00:00:00
db: JVNDB // id: JVNDB-2019-004750 // date: 2019-06-06T00:00:00
db: CNNVD // id: CNNVD-201905-408 // date: 2019-05-14T00:00:00
db: NVD // id: CVE-2019-0733 // date: 2019-05-16T19:29:00.613