← ExploitWatch
HomeExploited Vulnerabilities

CVE-2019-1405 — Actively Exploited: Windows (Microsoft)

A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.

CVE IDCVE-2019-1405
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
Date added2022-03-15
Remediation due2022-04-05
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionA privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →