Microsoft Windows Hyper-V Denial of Service Vulnerability



A vulnerability in the Network Switch component of Microsoft Windows Hyper-V could allow an adjacent attacker to cause a denial of service (DoS) condition on a targeted host system.

The vulnerability is due to improper validation of user-supplied input by the affected software when handling input from a privileged user on a guest system. An attacker with privileged access to a guest system could exploit this vulnerability by accessing the guest system and executing an application that submits malicious input to the affected software. A successful exploit could allow the attacker to cause the host system to crash, resulting in a DoS condition for the host and all guest systems.

Microsoft confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2019-0690

Source:: Cisco Multivendor Vulnerability Alerts