PT-2019-3180 · Microsoft · Windows Hyper-V+1

Published

2019-09-10

Updated

2020-08-24

CVE-2019-1254

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows Hyper-V (affected versions not specified)

Description The issue is related to an information disclosure problem where Windows Hyper-V writes uninitialized memory to disk. This could allow an attacker to obtain sensitive information. There is a lack of protection for internal data in the Hyper-V hardware virtualization system of the Windows operating system, which can be exploited to disclose protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of Uninitialized Resource

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908CWE-200

Related Identifiers

BDU:2019-03169

CVE-2019-1254

Affected Products

Windows

Windows Hyper-V

PT-2019-3180 · Microsoft · Windows Hyper-V+1

CVE-2019-1254

Weakness Enumeration

Related Identifiers

Affected Products

References · 6