CVE-2019-0797

HIGH KEV

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.

References (2)

Scores

CVSS v3 7.8
EPSS 0.0449
EPSS Percentile 89.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2019-02-22
InTheWild.io 2019-02-22
ENISA EUVD EUVD-2019-1553
Status published
Products (14)
microsoft/windows_10_1507 (2 CPE variants)
microsoft/windows_10_1607 (2 CPE variants)
microsoft/windows_10_1703 (2 CPE variants)
microsoft/windows_10_1709 (3 CPE variants)
microsoft/windows_10_1803 (3 CPE variants)
microsoft/windows_10_1809 (3 CPE variants)
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_1709
microsoft/windows_server_1803
... and 4 more
Published Apr 09, 2019
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026