Details of VAR-201905-0993

ID

VAR-201905-0993

CVE

CVE-2019-0733

TITLE

plural Microsoft Windows Products and PowerShell Core of Windows Defender Application Control Vulnerabilities that bypass security functions

Trust: 0.8

sources: JVNDB: JVNDB-2019-004750

DESCRIPTION

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions

Trust: 1.98

sources: NVD: CVE-2019-0733 // JVNDB: JVNDB-2019-004750 // BID: 108256 // VULMON: CVE-2019-0733

AFFECTED PRODUCTS

vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	1803	Trust: 1.0
vendor:	microsoft	model:	windows server 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	1903	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1903	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1709	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1809	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1703	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1607	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1803	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1607 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1607 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1703 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1703 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1709 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1709 for 64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1709 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1803 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1803 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1803 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1809 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1809 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1809 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1903 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1903 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1903 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows server	scope:	eq	version:	version 1803 (server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server	scope:	eq	version:	version 1903 (server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	none	Trust: 0.8
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	(server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server 2019	scope:	eq	version:	none	Trust: 0.8
vendor:	microsoft	model:	windows server 2019	scope:	eq	version:	(server core installation)	Trust: 0.8
vendor:	microsoft	model:	powershell core	scope:	eq	version:	6.1	Trust: 0.8
vendor:	microsoft	model:	powershell core	scope:	eq	version:	6.2	Trust: 0.8
vendor:	microsoft	model:	windows server	scope:	eq	version:	20190	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	19030	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	18030	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	2016	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1019030	Trust: 0.3
vendor:	microsoft	model:	windows version for arm64-based systems	scope:	eq	version:	1019030	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1019030	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1018090	Trust: 0.3
vendor:	microsoft	model:	windows version for arm64-based systems	scope:	eq	version:	1018090	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1018090	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1018030	Trust: 0.3
vendor:	microsoft	model:	windows version for arm64-based systems	scope:	eq	version:	1018030	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1018030	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1017090	Trust: 0.3
vendor:	microsoft	model:	windows version for arm64-based systems	scope:	eq	version:	1017090	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1017090	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1017030	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1017030	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1016070	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1016070	Trust: 0.3
vendor:	microsoft	model:	windows for x64-based systems	scope:	eq	version:	100	Trust: 0.3
vendor:	microsoft	model:	windows for 32-bit systems	scope:	eq	version:	100	Trust: 0.3

sources: BID: 108256 // JVNDB: JVNDB-2019-004750 // NVD: CVE-2019-0733

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-0733
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-0733
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201905-408
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2019-0733
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-0733
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2019-0733
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	3.4
version:	3.0
Trust: 1.8

sources: VULMON: CVE-2019-0733 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408 // NVD: CVE-2019-0733

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-254	Trust: 0.8

sources: JVNDB: JVNDB-2019-004750 // NVD: CVE-2019-0733

THREAT TYPE

local

Trust: 0.9

sources: BID: 108256 // CNNVD: CNNVD-201905-408

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-201905-408

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004750

PATCH

title:	CVE-2019-0733 \| Windows Defender Application Control Security Feature Bypass Vulnerability	url:	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0733	Trust: 0.8
title:	CVE-2019-0733 \| Windows Defender アプリケーション制御のセキュリティ機能のバイパスの脆弱性	url:	https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/CVE-2019-0733	Trust: 0.8
title:	Microsoft Windows Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92557	Trust: 0.6
title:	Symantec Threat Intelligence Blog	url:	https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-may-2019	Trust: 0.1

sources: VULMON: CVE-2019-0733 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408

EXTERNAL IDS

db:	NVD	id:	CVE-2019-0733	Trust: 2.8
db:	BID	id:	108256	Trust: 1.0
db:	JVNDB	id:	JVNDB-2019-004750	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-408	Trust: 0.6
db:	VULMON	id:	CVE-2019-0733	Trust: 0.1

sources: VULMON: CVE-2019-0733 // BID: 108256 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408 // NVD: CVE-2019-0733

REFERENCES

url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0733	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0733	Trust: 1.4
url:	http://www.securityfocus.com/bid/108256	Trust: 1.3
url:	http://www.microsoft.com/windows/default.mspx	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0733	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20190515-ms.html	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2019/at190023.html	Trust: 0.8
url:	https://vigilance.fr/vulnerability/windows-vulnerabilities-of-may-2019-29301	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/108256	Trust: 0.1

sources: VULMON: CVE-2019-0733 // BID: 108256 // JVNDB: JVNDB-2019-004750 // CNNVD: CNNVD-201905-408 // NVD: CVE-2019-0733

CREDITS

Matt Graeber of SpecterOps

Trust: 0.9

sources: BID: 108256 // CNNVD: CNNVD-201905-408

SOURCES

db:	VULMON	id:	CVE-2019-0733
db:	BID	id:	108256
db:	JVNDB	id:	JVNDB-2019-004750
db:	CNNVD	id:	CNNVD-201905-408
db:	NVD	id:	CVE-2019-0733

LAST UPDATE DATE

2024-08-14T15:43:44.221000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2019-0733	date:	2020-08-24T00:00:00
db:	BID	id:	108256	date:	2019-05-14T00:00:00
db:	JVNDB	id:	JVNDB-2019-004750	date:	2019-06-06T00:00:00
db:	CNNVD	id:	CNNVD-201905-408	date:	2020-08-25T00:00:00
db:	NVD	id:	CVE-2019-0733	date:	2020-08-24T17:37:01.140

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2019-0733	date:	2019-05-16T00:00:00
db:	BID	id:	108256	date:	2019-05-14T00:00:00
db:	JVNDB	id:	JVNDB-2019-004750	date:	2019-06-06T00:00:00
db:	CNNVD	id:	CNNVD-201905-408	date:	2019-05-14T00:00:00
db:	NVD	id:	CVE-2019-0733	date:	2019-05-16T19:29:00.613