Cyber Resilience

CVE-2019-0676

Medium · CISA KEV · Active Exploitation · EUVD Exploited

Published: 05 March 2019

Modified: 29 October 2025
KEV Added: 23 May 2022
Patch
CVSS Score v3.1: 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
EPSS Score: 0.2382 (96.1th percentile)
Risk Priority: 47 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2019-0676 is a medium-severity vulnerability with an unspecified weakness type in Microsoft Windows 10 1709. Its CVSS base score is 6.5 (Medium).

Operationally, it is ranked in the top 3.9% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 AU-13 (Monitoring for Information Disclosure) and SI-2 (Flaw Remediation).

Deeper analysis

An information disclosure vulnerability exists in Internet Explorer when the browser improperly handles objects in memory. The flaw, tracked as CVE-2019-0676, allows an attacker to determine whether specific files are present on a victim's disk. It carries a CVSS 3.1 score of 6.5, reflecting a network attack vector, low attack complexity, no required privileges, and required user interaction.

An unauthenticated remote attacker can exploit the issue by convincing a user to visit a malicious web page or open a specially crafted document in Internet Explorer. Successful exploitation discloses the presence or absence of arbitrary files on disk without granting code execution or further system access.

Microsoft published an advisory addressing the vulnerability, and the issue appears in CISA's catalog of known exploited vulnerabilities, indicating confirmed in-the-wild use. No additional mitigation details beyond the vendor advisory are provided in the source references.

EU & UK References

Vulnerability details

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'.

CWE(s)
KEV Date Added: 23 May 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microsoft
internet explorer
10, 11

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires applying the vendor patch that eliminates the memory-handling flaw enabling file-presence disclosure in Internet Explorer.

detect

Explicitly mandates monitoring for information disclosure attempts that match the file-existence probing behavior of this CVE.

detect

Provides ongoing system monitoring that can identify anomalous outbound or script-driven access patterns used to exploit the IE flaw.

References