CVE-2019-1132

HIGH KEV

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

Exploits (4)

nomisec WORKING POC 61 stars

by Vlad-tri · local

https://github.com/Vlad-tri/CVE-2019-1132

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by petercc · local

https://github.com/petercc/CVE-2019-1132

View Code ZIP pw:eip

exploitdb WORKING POC

by ShivamTrivedi · c++localwindows_x86

https://www.exploit-db.com/exploits/47176

View Code ZIP pw:eip

patchapalooza NO CODE

by Ascotbe · local

https://github.com/Ascotbe/Kernelhub

View Code ZIP pw:eip

References (2)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1132

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1132

Scores

CVSS v3 7.8

EPSS 0.3564

EPSS Percentile 97.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2022-03-15

VulnCheck KEV 2019-07-09

InTheWild.io 2019-07-09

ENISA EUVD EUVD-2019-9708

Classification

Status published

Affected Products (4)

microsoft/windows_7

microsoft/windows_server_2008

Timeline

Published Jul 15, 2019

KEV Added Mar 15, 2022

Tracked Since Feb 18, 2026