An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0803, CVE-2019-0859.
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0803, CVE-2019-0859.
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Server | 2016, 2016 (Core installation), version 1709 (Core Installation), version 1803 (Core Installation), 2019, 2019 (Core installation) |
| Microsoft | Windows | 10 Version 1607 for 32-bit Systems, 10 Version 1607 for x64-based Systems, 10 Version 1703 for 32-bit Systems, 10 Version 1703 for x64-based Systems, 10 Version 1709 for 32-bit Systems, 10 Version 1709 for x64-based Systems, 10 Version 1803 for 32-bit Systems, 10 Version 1803 for x64-based Systems, 10 Version 1803 for ARM64-based Systems, 10 Version 1809 for 32-bit Systems, 10 Version 1809 for x64-based Systems, 10 Version 1809 for ARM64-based Systems, 10 Version 1709 for ARM64-based Systems |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice: