New Proof of Concept Combining CVE-2019-1322 and CVE-2019-1405 Developed

Threat Level

52% FortiGuard Threat Signal 1 day ago

Threat Signal Report New Proof of Concept Combining CVE-2019-1322 and CVE-2019-1405 Developed Description The FortiGuard SE Team is aware of a new proof of concept dubbed "COMahawk" disclosed on Nov 14 that incorporates CVE-2019-1405 and CVE-1322. The proof of concept combines two latest vulnerabilities in Microsoft Windows CVE-2019-1405 {Windows UPnP Service Elevation of Privilege Vulnerability) and CVE-2019-1322 (Microsoft Windows Elevation of Privilege Vulnerability) that allows for a full el...

Continue Reading on Original Site

Recommended Articles

Feds Fine Surgery Practice $250K in Ransomware Breach

Data Breach Today UK 2 hours ago

2021 Pysa Hack Compromised PHI of Nearly 25,000 Patients A HIPAA breach investigation into a 2021 attack involving a variant of Pysa ransomware resulted in a $250,000 fine for an upstate New York spec...

Proof-of-Concept Code Now Available for an Exploited Windows Local Privilege Escalation Vulnerability

FortiGuard Threat Signal 23 hours ago

Threat Signal Report Proof-of-Concept Code Now Available for an Exploited Windows Local Privilege Escalation Vulnerability Description FortiGuard Labs is aware that a Proof-of-Concept (POC) code for a...

Joint CyberSecurity Advisory Alert on PrintNightmare Vulnerability and Default MFA Protocols Exploited by Russian State-Sponsored Cyber Actors (AA22-074A)

FortiGuard Threat Signal 23 hours ago

Threat Signal Report Joint CyberSecurity Advisory Alert on PrintNightmare Vulnerability and Default MFA Protocols Exploited by Russian State- Cyber Actors (AA22-074A) Description FortiGuard Labs is aw...

Ransomware Actors Pile on 'ToolShell' SharePoint Bugs

Dark Reading 3 hours ago

Storm-2603, a China-based threat actor, is targeting SharePoint customers in an ongoing ransomware campaign....

BlackSuit ransomware leak sites seized in Operation Checkmate

BleepingComputer 3 hours ago

BlackSuit ransomware leak sites seized in Operation Checkmate Sergiu Gatlan July 24, 2025 05:34 PM 0 Law enforcement has seized the dark web leak sites of the BlackSuit ransomware operation, which has...

Threat Intelligence

Attack Types 1

Privilege Escalation

Vulnerabilities 1

Privilege Escalation

MITRE ATT&CK 1

Exploitation for Privilege Escalation

Business Intelligence

Companies 1

Microsoft

Platforms 3

Linux Windows macOS

Technical Indicators

CVEs 2

CVE-2019-1322 CVE-2019-1405

Information

Article ID: #4463
Published: 1 day ago
Source: FortiGuard Threat Signal

Recommended Articles

Feds Fine Surgery Practice $250K in Ransomware Breach

Proof-of-Concept Code Now Available for an Exploited Windows Local Privilege Escalation Vulnerability

Joint CyberSecurity Advisory Alert on PrintNightmare Vulnerability and Default MFA Protocols Exploited by Russian State-Sponsored Cyber Actors (AA22-074A)

Ransomware Actors Pile on 'ToolShell' SharePoint Bugs

BlackSuit ransomware leak sites seized in Operation Checkmate

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies