What is the severity of CVE-2019-1215?

CVE-2019-1215 has a severity rating of Important as it allows an elevation of privilege.

How do I fix CVE-2019-1215?

To fix CVE-2019-1215, apply the latest security updates released by Microsoft for affected Windows versions.

Which operating systems are affected by CVE-2019-1215?

CVE-2019-1215 affects various Windows operating systems including Windows 7, Windows 10, and Windows Server editions.

What type of vulnerability is CVE-2019-1215?

CVE-2019-1215 is classified as an elevation of privilege vulnerability within the Winsock driver.

Can CVE-2019-1215 be exploited remotely?

CVE-2019-1215 requires local access to the system for exploitation, not a remote attack.

Vulnerability/
CVE-2019-1215

Exploited

high

7.8

CWE

269

11/9/2019

7/2/2025

CVE-2019-1215: Microsoft Windows Privilege Escalation Vulnerability

First published: Wed Sep 11 2019(Updated: )

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Windows 10
Windows 10	=1607
Windows 10	=1703
Windows 10	=1709
Windows 10	=1803
Windows 10	=1809
Windows 10	=1903
Microsoft Windows 7	=sp1
Microsoft Windows
Microsoft Windows RT
Microsoft Windows Server	=sp2
Microsoft Windows Server	=r2-sp1
Microsoft Windows Server	=r2-sp1
Microsoft Windows Server
Microsoft Windows Server	=r2
Microsoft Windows Server 2016
Microsoft Windows Server 2016	=1803
Microsoft Windows Server 2016	=1903
Microsoft Windows Server 2019
Microsoft Windows Operating System

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1215

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-1215?
CVE-2019-1215 has a severity rating of Important as it allows an elevation of privilege.
How do I fix CVE-2019-1215?
To fix CVE-2019-1215, apply the latest security updates released by Microsoft for affected Windows versions.
Which operating systems are affected by CVE-2019-1215?
CVE-2019-1215 affects various Windows operating systems including Windows 7, Windows 10, and Windows Server editions.
What type of vulnerability is CVE-2019-1215?
CVE-2019-1215 is classified as an elevation of privilege vulnerability within the Winsock driver.
Can CVE-2019-1215 be exploited remotely?
CVE-2019-1215 requires local access to the system for exploitation, not a remote attack.

agent/type
agent/remedy
agent/severity
agent/title
agent/first-publish-date
agent/references
agent/description
agent/author
agent/source
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/nvd-cve
agent/softwarecombine
agent/tags
exploited/true
ransomware/true
collector/cisa-known-exploited
source/CISA
vendor/microsoft
canonical/windows 10
version/windows 10/1607
version/windows 10/1703
version/windows 10/1709
version/windows 10/1803
version/windows 10/1809
version/windows 10/1903
canonical/microsoft windows 7
version/microsoft windows 7/sp1
canonical/microsoft windows
canonical/microsoft windows rt
canonical/microsoft windows server
version/microsoft windows server/sp2
version/microsoft windows server/r2-sp1
version/microsoft windows server/r2
canonical/microsoft windows server 2016
version/microsoft windows server 2016/1803
version/microsoft windows server 2016/1903
canonical/microsoft windows server 2019
canonical/microsoft windows operating system