CVE-2019-0552

HIGH

Windows COM Desktop Broker - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-0552. PoCs published by Google Security Research.

AI-analyzed exploit summary The writeup details a COM Desktop Broker elevation of privilege vulnerability in Windows 10 1809, where incorrect permission checks allow sandbox escape. It explains the root cause, affected components (RPCSS, COMBASE), and the exploitation process involving arbitrary directory activation of WinRT components.

Description

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textlocalwindows

https://www.exploit-db.com/exploits/46162

View Code ZIP pw:eip

The writeup details a COM Desktop Broker elevation of privilege vulnerability in Windows 10 1809, where incorrect permission checks allow sandbox escape. It explains the root cause, affected components (RPCSS, COMBASE), and the exploitation process involving arbitrary directory activation of WinRT components.

Classification

Writeup 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Windows 10 1809 (and likely earlier versions)

No auth needed

Prerequisites: Access to a process with sufficient privileges to create COM objects · Ability to inject code into a target process (e.g., MicrosoftEdge)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548.002 - Bypass User Account Control

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/46162/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/106407

Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0552

Scores

CVSS v3 8.8

EPSS 0.0254

EPSS Percentile 82.9%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-863

Status published

Products (13)

microsoft/windows_10

microsoft/windows_10 1607

microsoft/windows_10 1703

microsoft/windows_10 1709

microsoft/windows_10 1803

microsoft/windows_10 1809

microsoft/windows_8.1

microsoft/windows_rt_8.1

microsoft/windows_server_2012 r2

microsoft/windows_server_2016

... and 3 more

Published Jan 08, 2019

Tracked Since Feb 18, 2026