Main Vulnerability Database Vulnerabilities #VU21684

#VU21684 Man-in-the-Middle (MitM) attack in Windows and Windows Server - CVE-2019-1166

Published: October 9, 2019

Vulnerability identifier: #VU21684

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-1166

CWE-ID: CWE-300

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Windows
Windows Server

Software vendor:
Microsoft

Description

The vulnerability allows a remote attacker to tamper with the NTLM exchange.

The vulnerability exists due to insufficient integrity check for NTLM packets. A remote attacker can modify flags of the NTLM packet without invalidating the signature and bypass the NTLM MIC (Message Integrity Check) protection.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1166

#VU21684 Man-in-the-Middle (MitM) attack in Windows and Windows Server - CVE-2019-1166

Description

Remediation

External links

Please verify you're human