NVD disclosure day

Published threat advisories for January 8, 2019

CVE advisoryKnown Exploit

CVE-2019-0543

Microsoft Windows Elevation of Privilege Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An elevation of privilege vulnerability exists in Windows when it improperly handles authentication requests, allowing an attacker with local access to run processes with elevated permissions. This impacts affected Windows operating systems and poses a business risk of unauthorized data access or system modifications.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2019-0541

MSHTML Engine Vulnerability Allows Remote Code Execution.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in the MSHTML engine allows remote code execution, potentially compromising systems and data. This affects Microsoft Office, Internet Explorer, and related viewers, posing a business risk through unauthorized access and control. Organizations face risks to data integrity and operational continuity.

NVD published: • CISA KEV