How severe is CVE-2019-1163?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2019-1163?

This is classified as CWE-354, which is a common weakness in software security.

CVE-2019-1163

MEDIUM Year: 2019

CVSS v3 Score

5.5

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-354

View all →

Vulnerability Description

A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, an attacker could modify a signed CAB file and inject malicious code. The attacker could then convince a target user to execute the file. The update addresses the vulnerability by correcting how Windows validates file signatures.

CVE-2017-9498

MEDIUM

CVSS:5.5(Medium)

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leve...

CWE-3542017

CVE-2021-4148

MEDIUM

CVSS:5.5(Medium)

A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of servic...

CWE-3542021

CVE-2022-33711

MEDIUM

CVSS:5.5(Medium)

Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using dire...

CWE-3542022

CVE-2023-30673

MEDIUM

CVSS:5.5(Medium)

Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.23052_1 allows local attackers to delete arbitrary directory using directory junction.

CWE-3542023

CVE-2024-49875

MEDIUM

CVSS:5.5(Medium)

In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, resu...

CWE-3542024

CVE-2023-28802

MEDIUM

CVSS:5.4(Medium)

An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. Thi...

CWE-3542023

CVE-2019-1163

Vulnerability Description

Related Vulnerabilities

CVE-2017-9498

CVE-2021-4148

CVE-2022-33711

CVE-2023-30673

CVE-2024-49875

CVE-2023-28802