CVE-2019-0709

moderate-risk

Published 2019-06-12

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input.

Do I need to act?

37.3% chance of exploitation in next 30 days

EPSS score — higher than 63% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.6/10 High

ADJACENT_NETWORK / HIGH complexity

Affected Products (5)

Windows 10

Windows Server 2016

Affected Vendors

Microsoft

References (2)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0709

Patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0709

/ 100

moderate-risk

Severity 20/34 · Moderate

Exploitability 16/34 · Moderate

Exposure 12/34 · Low