Main Vulnerability Database SB2019081416

SB2019081416 - Information disclosure in Windows SymCrypt

Published: August 14, 2019

Security Bulletin ID SB2019081416

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Description

This security bulletin contains information about 1 security vulnerability.

1) Cryptographic issues (CVE-ID: CVE-2019-1171)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists in SymCrypt during the OAEP decryption stage. A local user can gain access to sensitive data.

Install update from vendor's website.