CVE DATABASE / CVE-2019-1161
CVE-2019-1161
CVSS 7.1 · HIGH
Summary
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. The update addresses the vulnerability and blocks the arbitrary deletion.
CVSS 3.1 breakdown
| Base score | 7.1 (HIGH) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity | HIGH |
| Availability | HIGH |
Affected products
Microsoft windows defenderMicrosoft windows 10Microsoft windows 7Microsoft windows 8.1Microsoft windows rt 8.1Microsoft windows server 2008Microsoft windows server 2012Microsoft windows server 2016Microsoft forefront endpoint protection 2010Microsoft security essentialsMicrosoft system center endpoint protection
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
Data: NIST NVD. NVD last modified 2026-02-20. Always verify against the vendor advisory before acting.