{"cve":{"cve_id":"CVE-2019-1173","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00742,"epss_percentile":0.49863,"epss_as_of":"2026-06-23","description":"An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\nTo exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.\nThe security update addresses the vulnerability by ensuring the PsmServiceExtHost.dll properly handles objects in memory.","published_at":"2019-08-14T20:55:03Z","last_modified_at":null,"cvss_v3_score":7.0,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1173"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:11:58.803949Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"},{"metric":"E","name":"E","value":"P","value_label":"Physical"},{"metric":"RL","name":"RL","value":"O","value_label":"O"},{"metric":"RC","name":"RC","value":"C","value_label":"Changed"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-10","product_name":"Windows 10","version_start":"1903","version_start_inclusive":true,"version_end":"1903","version_end_inclusive":true,"cpe23_uri":"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-10-1803","product_name":"windows_10_1803","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-10-1803","product_name":"windows_10_1803","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-10-1809","product_name":"windows_10_1809","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-10-1809","product_name":"windows_10_1809","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-10-1809","product_name":"windows_10_1809","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-server-1803","product_name":"windows_server_1803","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-server-1903","product_name":"windows_server_1903","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"windows-server-2019","product_name":"Windows Server 2019","version_start":null,"version_start_inclusive":null,"version_end":null,"version_end_inclusive":null,"cpe23_uri":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"}],"exploit_refs":[],"news":[],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1173","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"published","at":"2019-08-14T20:55:03Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:00:19.386120Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:00:19.386120Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:00:19.386120Z","label":"CVSS score revised","source":"cvelistv5"}]}