CVE-2019-0863

HIGH KEV

Windows Error Reporting - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

Exploits (1)

exploitdb WORKING POC

by SandboxEscaper · textlocalwindows

https://www.exploit-db.com/exploits/46917

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/153008/Angry-Polar-Bear-2-Microsoft-Windows-Error-Reporting-Local-Privilege-Escalation.html

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0863

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0863

Scores

CVSS v3 7.8

EPSS 0.0616

EPSS Percentile 90.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03

VulnCheck KEV 2019-05-14

InTheWild.io 2019-05-14

ENISA EUVD EUVD-2019-1612

Status published

Products (17)

microsoft/windows_10_1507 (2 CPE variants)

microsoft/windows_10_1607 (2 CPE variants)

microsoft/windows_10_1703 (2 CPE variants)

microsoft/windows_10_1709 (3 CPE variants)

microsoft/windows_10_1803 (3 CPE variants)

microsoft/windows_10_1809 (3 CPE variants)

microsoft/windows_10_1903 (3 CPE variants)

microsoft/windows_7

microsoft/windows_8.1

microsoft/windows_rt_8.1

... and 7 more

Published May 16, 2019

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026