CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: May 3, 2022
Description
Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation allows an attacker to execute code with elevated privileges.
EPSS — Exploit Probability
7.7%
Higher than 91.8% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2019-1215
Risk Assessment
HIGHIn CISA KEV
Ransomware
Details
- Severity
- High
- EPSS
- 7.7%
- CISA KEV
- Yes
- Ransomware
- Known
- Articles
- 0
Timeline
Published
Nov 3, 2021
Added to KEV
Nov 3, 2021
Remediation Due
May 3, 2022