CVE-2019-19705

Name: CVE-2019-19705
Creator: NVD / NIST
Published: 2022-12-26T21:15:10.437+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.20%

Last modified Jun 17, 2026

CVE-2019-19705 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.. EPSS estimates a 0.20% chance of exploitation in the next 30 days.

Description

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Probability

0.20%

10.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Lenovo	Ideacentre 510-15ikl Firmware	< 6.0.8923.1
Lenovo	Ideacentre 510s-08ikl Firmware	< 6.0.8923.1
Lenovo	Ideacentre 300s-11ish Firmware	< 6.0.8924.1
Lenovo	Ideacentre 310-15asr Firmware	< 6.0.8924.1
Lenovo	Ideacentre 310-15iap Firmware	< 6.0.8924.1
Lenovo	Ideacentre 310a-15iap Firmware	< 6.0.8924.1
Lenovo	Ideacentre 310s-08iap Firmware	< 6.0.8924.1
Lenovo	Ideacentre 510-15abr Firmware	< 6.0.8924.1
Lenovo	Ideacentre 510s-08ish Firmware	< 6.0.8924.1
Lenovo	Ideacentre 610s-02ish Firmware	< 6.0.8924.1
Lenovo	Ideacentre 620s-03ikl Firmware	< 6.0.8924.1
Lenovo	Ideacentre 700 Firmware	< 6.0.8924.1
Lenovo	Ideacentre 720-18asr Firmware	< 6.0.8924.1
Lenovo	Legion Y520t Z370 Firmware	< 6.0.8924.1
Lenovo	Legion Y720 Tower Firmware	< 6.0.8924.1
Lenovo	Legion Y720t Amd Firmware	< 6.0.8924.1
Lenovo	Legion Y920 Tower Firmware	< 6.0.8924.1
Lenovo	Lenovo V320-15iap Firmware	< 6.0.8924.1
Lenovo	Thinkcentre E74s Firmware	< 6.0.8924.1
Lenovo	Yangtian Mc H110 Firmware	< 6.0.8924.1
Lenovo	Yangtian Me\/We H110 Firmware	< 6.0.8924.1
Lenovo	Yangtian Tc\/Wc H110 Pci Firmware	< 6.0.8924.1
Lenovo	Yangtian Ytm6900e-00 Firmware	< 6.0.8924.1
Lenovo	Yta8900f Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M6600 Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M6600q Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M6600t\/S Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M700q Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M700t\/S Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M710e Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M710q Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M710t\/S Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M715q Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M715t\/S Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M800 Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M8600t\/S Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M900 Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M910 T\/S Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M910q Firmware	< 6.0.8924.1
Lenovo	Thinkcentre M910x Firmware	< 6.0.8924.1
Lenovo	Yangtian Afh110 Firmware	< 6.0.8924.1
Lenovo	Yangtian Afq150 Firmware	< 6.0.8924.1
Lenovo	Yangtian Mc H110 Pci Firmware	< 6.0.8924.1
Lenovo	Yangtian Mf\/Wf H110 Pci Firmware	< 6.0.8924.1
Lenovo	Aio 910-27ish Firmware	< 6.0.8924.1
Lenovo	Aio Y910-27ish Firmware	< 6.0.8881.1
Lenovo	Aio300-23isu Firmware	< 6.0.8881.1
Lenovo	Aio310-20iap Firmware	< 6.0.8881.1
Lenovo	Aio510-22ish Firmware	< 6.0.8881.1
Lenovo	Aio510-23ish Firmware	< 6.0.8881.1

Showing 50 of 138 affected configurations. See NVD for the full list.

References

Timeline

Published: Dec 26, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-19705?

How severe is CVE-2019-19705?

CVE-2019-19705 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.20% probability of exploitation in the next 30 days.

How do I fix CVE-2019-19705?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-19705?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST