CVE-2019-1405: Microsoft Windows Universal Plug and Play (UPnP) Service

Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability. A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.

• CISA KEV-listed (remediation due 2022-04-05)
• used in ransomware campaigns
• EPSS 53.9% (98.1% percentile)

Browse the CVE database

Read the full analysis on IntelFusions