HTTP: Windows ALPC CVE-2019-0943 Elevation of Privilege

This signature detects attempts to exploit a known vulnerability against Windows Advanced Local Procedure Call. A successful attack can lead to elevation of privilege.

Extended Description

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.

Affected Products

Microsoft windows_server_2016

References

CVE: CVE-2019-0943

Short Name
HTTP:STC:DL:CVE-2019-0943-EOP
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
ALPC CVE-2019-0943 Elevation Privilege Windows of
Release Date
06/11/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
Vendors

Microsoft

CVSS Score

7.2

Found a potential security threat?