PT-2019-1416 · Microsoft · Windows Smbv2+1

Zer0Mem

Published

2019-02-12

Updated

2026-03-01

CVE-2019-0633

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows SMBv2 (affected versions not specified)

Description The issue is related to insecure privilege management in the Windows SMBv2 component, allowing a remote attacker to execute arbitrary code by sending a specially crafted packet to the SMBv2 server. This can be achieved through the exploitation of how the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. The vulnerability enables remote attackers to execute arbitrary code and affect the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-19CWE-269

Related Identifiers

BDU:2019-00798

CVE-2019-0633

Affected Products

Windows

Windows Smbv2

PT-2019-1416 · Microsoft · Windows Smbv2+1

CVE-2019-0633

Weakness Enumeration

Related Identifiers

Affected Products

References · 8