CVE-2019-0623

HIGH EXPLOITED

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

Exploits (3)

nomisec WORKING POC 1 stars
by Anti-ghosts · local
https://github.com/Anti-ghosts/CVE-2019-0623-32-exp
patchapalooza WRITEUP
by Ascotbe · local
https://github.com/Ascotbe/Kernelhub

References (2)

Scores

CVSS v3 7.8
EPSS 0.3423
EPSS Percentile 97.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-06-28
Status published
Products (15)
microsoft/windows_10
microsoft/windows_10 1607
microsoft/windows_10 1703
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1 (2 CPE variants)
... and 5 more
Published Mar 05, 2019
Tracked Since Feb 18, 2026