VDB
CVE-2019-0803
CVE-2019-0803
PUBLISHED
KEV
CVSS 7.199999809265137 HIGH
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.
EPSS 88.84% · 99.5th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
88.84%
99.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_10_1709 | |
| microsoft | windows_server_2008 | r2, r2, r2 |
| microsoft | windows_server_1709 | |
| microsoft | windows_10_1507 | |
| microsoft | windows_8.1 | |
| microsoft | windows_10_1809 | |
| microsoft | windows_7 | |
| microsoft | windows_10_1703 | |
| microsoft | windows_server_2012 | r2, r2, r2 |
| microsoft | windows_rt_8.1 | |
| microsoft | windows_server_2019 | |
| microsoft | windows_10_1803 | |
| Microsoft | Windows Server | 2008 for x64-based Systems Service Pack 2 (Core installation), 2008 for x64-based Systems Service Pack 2, 2008 for 32-bit Systems Service Pack 2 |
| Microsoft | Windows | 7 for 32-bit Systems Service Pack 1, *, * |
| microsoft | windows_10_1607 | |
| microsoft | windows_server_2016 | |
| microsoft | windows_server_1803 |
Exploit Intelligence
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
- Win32k Elevation of Privilege Poc (github-poc)
…and 149 more exploits
Timeline
- Jan 19, 1970 VulnCheck XDB Entry
- Jan 19, 1970 VulnCheck XDB Entry
- May 23, 2014 PoC Published
- Apr 9, 2019 VulnCheck KEV Exploitation
- Apr 9, 2019 PoC Published
- Apr 9, 2019 CVE Published
- Apr 10, 2019 PoC Published
- May 24, 2019 PoC Published
- Jul 18, 2019 PoC Published
- Jan 21, 2020 PoC Published
- Jun 26, 2020 PoC Published
- Aug 17, 2020 PoC Published
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-04 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-03 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-02 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-05 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-01 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-06 advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0803 url
- http://packetstormsecurity.com/files/153034/Microsoft-Windows-Win32k-Privilege-Escalation.html url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0803 url
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01 advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-02 advisory
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-0803 advisory