CVE-2019-1405 - Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
Project:Microsoft
Product:Windows
Date Added:2022-03-15Due Date:2022-04-05
Vulnerability Name
Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
Description
A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-1405