Unrated severityNVD Advisory· Published Jun 12, 2019· Updated May 20, 2025

Windows Hyper-V Denial of Service Vulnerability

CVE-2019-0713

Description

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests.

Affected products

Microsoft/Windows 10 1507cpe-rescue
Range: 10.0.10240.0
Microsoft/Windows 10 1607cpe-rescue
Range: 10.0.14393.0
Microsoft/Windows 10 1703cpe-rescue
Range: 10.0.0
Microsoft/Windows Server version 1709cpe-rescue
Range: 10.0.0
Microsoft/Windows 10 Version 1803v5
Range: 10.0.0
Microsoft/Windows 10 1809cpe-rescue
Range: 10.0.0
Microsoft/Windows CSC Servicecpe-rescue
Range: 6.1.0
Microsoft/Windows 8.1cpe-rescue
Range: 6.3.0
Microsoft/Windows Server 2008cpe-rescue3 versions
6.1.7601.0+ 2 more
- (no CPE)range: 6.1.7601.0
- (no CPE)range: 6.0.0
- (no CPE)range: 6.0.6003.0
Microsoft/Windows Server 2008 R2 Service Pack 1 (Server Core installation)v5
Range: 6.1.7601.0
Microsoft/Windows Server 2008 R2 Systems Service Pack 1v5
Range: 6.1.0
Microsoft/Windows Server 2008 Service Pack 2 (Server Core installation)v5
Range: 6.0.6003.0
Microsoft/Windows Server 2012cpe-rescue2 versions
6.2.9200.0+ 1 more
- (no CPE)range: 6.2.9200.0
- (no CPE)range: 6.3.9600.0
Microsoft/Windows Server 2012 R2 (Server Core installation)v5
Range: 6.3.9600.0
Microsoft/Windows Server 2012 (Server Core installation)v5
Range: 6.2.9200.0
Microsoft/Windows Server 2016cpe-rescue
Range: 10.0.14393.0
Microsoft/Windows Server 2016 (Server Core installation)v5
Range: 10.0.14393.0
Microsoft/Windows Server 2019cpe-rescue
Range: 10.0.17763.0
Microsoft/Windows Server 2019 (Server Core installation)v5
Range: 10.0.17763.0
Microsoft/Windows Server, version 1803 (Server Core Installation)v5
Range: 10.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0713mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000