Windows NDIS Elevation of Privilege Vulnerability

Windows NDIS Elevation of Privilege Vulnerability

CVE-2019-0707 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level, aka 'Windows NDIS Elevation of Privilege Vulnerability'.

Learn more about our Network Penetration Testing.