CISA description
Microsoft MSHTML engine contains an improper input validation vulnerability that allows for remote code execution vulnerability.
CVE-2019-0541
Microsoft · MSHTML
Microsoft MSHTML Remote Code Execution Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.