CVE-2019-0859

CVSS 7.8 HIGHEPSS 4.2%● KEV

In short

A flaw in Windows' Win32k component allows an attacker with regular user access to gain administrator-level privileges by exploiting how the system handles memory objects. This is dangerous because it gives attackers full control over the computer.

Technical detail

An elevation of privilege vulnerability in the Win32k kernel component caused by improper memory object handling. A local attacker can exploit this to escalate from user-mode to kernel privileges, achieving full system compromise. The vulnerability requires local access but no user interaction beyond execution of a malicious payload.

Summary generated and translated by AI from the official description.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Microsoft · Windows Microsoft · Windows Server

public PoCs found — 1

githubgithub.com/Sheisback/CVE-2019-0859-1day-Exploit★ 118

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0859 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0859