CVE-2019-1157

7.8 HIGH

📋 TL;DR

CVE-2019-1157 is a remote code execution vulnerability in the Windows Jet Database Engine that allows attackers to execute arbitrary code on vulnerable systems. It affects Windows systems with the vulnerable Jet Database Engine component. Attackers can exploit this by tricking users into opening specially crafted files.

💻 Affected Systems

Products:
  • Windows Jet Database Engine
Versions: Windows 10, Windows Server 2016, Windows Server 2019, and earlier versions with Jet Database Engine
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Systems with Jet Database Engine enabled are vulnerable. The vulnerability requires user interaction to open a malicious file.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining SYSTEM-level privileges, data theft, ransomware deployment, or persistent backdoor installation.

🟠 Likely Case

Limited user-level code execution leading to data exfiltration, credential theft, or lateral movement within the network.

🟢 If Mitigated

No impact if systems are patched and proper application whitelisting prevents execution of malicious payloads.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (opening a malicious file). No public exploit code was available at disclosure time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Security updates released in July 2019 (e.g., KB4507453 for Windows 10 1903)

Vendor Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1157

Restart Required: Yes

Instructions:

1. Apply the July 2019 Windows security updates from Windows Update.
2. For enterprise environments, deploy through WSUS or SCCM.
3. Restart systems after patch installation.

🔧 Temporary Workarounds

Disable Jet Database Engine (Windows)

Prevents exploitation by disabling the vulnerable component

reg add "HKLM\SOFTWARE\Microsoft\Jet\4.0\Engines" /v "SandBoxMode" /t REG_DWORD /d 3 /f

Application Control Policies (Windows)

Use Windows Defender Application Control to block untrusted Jet Database Engine files

🧯 If You Can't Patch

  • Implement application whitelisting to prevent execution of malicious files
  • Educate users about the risks of opening untrusted files and attachments

🔍 How to Verify

Check if Vulnerable:

Check whether the July 2019 Windows security updates are installed using the 'wmic qfe list' or 'systeminfo' command.

Check Version:

wmic qfe list | findstr KB4507453

Verify Fix Applied:

Verify KB4507453 (or equivalent for your Windows version) is installed in Windows Update history

📡 Detection & Monitoring

Log Indicators:

  • Windows Event Logs showing Jet Database Engine crashes or unexpected process creation

Network Indicators:

  • Outbound connections from systems after opening Jet database files

SIEM Query:

(EventID=1000 OR EventID=1001) AND Source="Application Error" AND ProcessName="msjet40.dll"
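
The verification and detection checks above, combined into a single host audit. This is an added PowerShell example, not code from the vendor advisory or from this page. The function names, the $KbIds and $DaysBack parameters, and the WOW6432Node registry path (the 32-bit registry view on 64-bit Windows) are assumptions introduced for illustration.

```powershell
# Added example: audits one host for the hotfix, the SandBoxMode value and
# recent msjet40.dll crash events described on this page.
param(
    # KB4507453 is the only KB the page names (Windows 10 1903); pass the
    # equivalent KB for other Windows versions yourself.
    [string[]]$KbIds = @('KB4507453'),
    [int]$DaysBack = 30
)

function Test-JetHotfix {
    param([string[]]$Ids)
    # Get-HotFix reads the same data as 'wmic qfe list'; a miss returns nothing.
    $found = Get-HotFix -Id $Ids -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Check  = 'Hotfix'
        Detail = if ($found) { $found.HotFixID -join ',' } else { 'none of: ' + ($Ids -join ',') }
        Pass   = [bool]$found
    }
}

function Get-JetSandboxMode {
    # First path is the key from the page's reg add command; the WOW6432Node
    # path is an assumption (32-bit view of the same key).
    $paths = 'HKLM:\SOFTWARE\Microsoft\Jet\4.0\Engines',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Jet\4.0\Engines'
    foreach ($p in $paths) {
        $v = (Get-ItemProperty -Path $p -Name SandBoxMode -ErrorAction SilentlyContinue).SandBoxMode
        [pscustomobject]@{
            Check  = 'SandBoxMode'
            Detail = "$p = " + $(if ($null -ne $v) { $v } else { 'not set' })
            Pass   = ($v -eq 3)   # 3 is the value the page's workaround writes
        }
    }
}

function Get-JetCrashEvent {
    param([int]$Days)
    # Same event IDs and source as the page's SIEM query, filtered on the DLL name.
    $filter = @{ LogName = 'Application'; ProviderName = 'Application Error'
                 Id = 1000, 1001; StartTime = (Get-Date).AddDays(-$Days) }
    $hits = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'msjet40\.dll' })
    [pscustomobject]@{
        Check  = 'CrashEvents'
        Detail = "$($hits.Count) event(s) naming msjet40.dll in the last $Days day(s)"
        Pass   = ($hits.Count -eq 0)
    }
}

@(Test-JetHotfix -Ids $KbIds) + @(Get-JetSandboxMode) + @(Get-JetCrashEvent -Days $DaysBack) | Format-Table -AutoSize -Wrap
```

A failed Hotfix check is a prompt to look further, not proof the host is unpatched: KB4507453 applies only to Windows 10 1903, and later cumulative updates replace it in the installed-update list.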
