NVD disclosure day
CVE-2019-1297
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Microsoft Excel can allow attackers to execute malicious code remotely. This matters to organizations as it could lead to unauthorized access, data modification, or system compromise. The realistic business risk involves potential disruption and loss of control over affected systems.
CVE-2019-1253
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. An attacker with existing execution on a system could exploit this to gain higher permissions. This poses a business risk to affected Windows systems.
CVE-2019-1215
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Windows' Winsock component could allow local attackers to escalate privileges. This impacts affected organizations by enabling unauthorized access and control of systems and data, posing a business risk.
CVE-2019-1214
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Windows Common Log File System driver allows an attacker with local access to gain elevated permissions. This could affect system integrity and data confidentiality, posing a business risk.