CVE-2019-0803

HIGH KEV RANSOMWARE

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.

Exploits (4)

exploitdb SUSPICIOUS

by Arch-Vile · textlocalwindows

https://www.exploit-db.com/exploits/46920

View Code ZIP pw:eip

nomisec WORKING POC 83 stars

by ExpLife0011 · local

https://github.com/ExpLife0011/CVE-2019-0803

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by Iamgublin · poc

https://github.com/Iamgublin/CVE-2019-0803

View Code ZIP pw:eip

patchapalooza NO CODE

by Ascotbe · local

https://github.com/Ascotbe/Kernelhub

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/153034/Microsoft-Windows-Win32k-Privilege-Escalation.html

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0803

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0803

Scores

CVSS v3 7.8

EPSS 0.8983

EPSS Percentile 99.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03

VulnCheck KEV 2019-04-09

InTheWild.io 2019-04-09

ENISA EUVD EUVD-2019-1559

Ransomware Use Confirmed

Status published

Products (17)

microsoft/windows_10_1507 (2 CPE variants)

microsoft/windows_10_1607 (2 CPE variants)

microsoft/windows_10_1703 (2 CPE variants)

microsoft/windows_10_1709 (3 CPE variants)

microsoft/windows_10_1803 (3 CPE variants)

microsoft/windows_10_1809 (3 CPE variants)

microsoft/windows_7

microsoft/windows_8.1

microsoft/windows_rt_8.1

microsoft/windows_server_1709

... and 7 more

Published Apr 09, 2019

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026