CVE-2019-1214: Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability
First published: Wed Sep 11 2019(Updated: )
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Windows 10 | ||
| Windows 10 | =1607 | |
| Windows 10 | =1703 | |
| Windows 10 | =1709 | |
| Windows 10 | =1803 | |
| Windows 10 | =1809 | |
| Windows 10 | =1903 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Windows Operating System | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows Server | ||
| Microsoft Windows Server 1903 | ||
| =sp1 | ||
| =sp2 | ||
| =r2-sp1 | ||
| =r2-sp1 | ||
| =r2 | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-1214?
CVE-2019-1214 has been rated as critical due to its potential for elevation of privilege.
How do I fix CVE-2019-1214?
To fix CVE-2019-1214, apply the latest security updates provided by Microsoft for affected versions of Windows.
Which systems are affected by CVE-2019-1214?
CVE-2019-1214 affects multiple versions of Microsoft Windows including Windows 7, 8.1, 10, and various Windows Server editions.
Can CVE-2019-1214 be exploited remotely?
CVE-2019-1214 can be exploited locally by an attacker to gain elevated privileges on the system.
What type of vulnerability is CVE-2019-1214?
CVE-2019-1214 is classified as an elevation of privilege vulnerability in the Windows Common Log File System driver.
- agent/type
- agent/description
- agent/remedy
- agent/severity
- agent/title
- agent/first-publish-date
- agent/references
- agent/author
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- vendor/microsoft
- canonical/windows 10
- version/windows 10/1607
- version/windows 10/1703
- version/windows 10/1709
- version/windows 10/1803
- version/windows 10/1809
- version/windows 10/1903
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows
- canonical/microsoft windows rt
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- version/microsoft windows server/r2-sp1
- version/microsoft windows server/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1803
- version/microsoft windows server 2016/1903
- canonical/microsoft windows server 2019
- canonical/microsoft windows operating system
- canonical/microsoft windows 10
- canonical/microsoft windows server 1903