CVE-2019-1215

HIGH KEV RANSOMWARE

Microsoft Windows 10 1507 - Improper Privilege Management

Title source: rule

Description

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.

Exploits (3)

nomisec WORKING POC 152 stars
by bluefrostsecurity · local
https://github.com/bluefrostsecurity/CVE-2019-1215
exploitdb WORKING POC
by bluefrostsec · c++localwindows_x86-64
https://www.exploit-db.com/exploits/47935
patchapalooza WORKING POC
by gavz · local
https://gitlab.com/gavz/CVE-2019-1215

References (2)

Scores

CVSS v3 7.8
EPSS 0.0770
EPSS Percentile 91.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2021-11-03
VulnCheck KEV 2019-09-10
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2019-9783
Ransomware Use Confirmed

Classification

CWE
CWE-269
Status published

Affected Products (30)

microsoft/windows_10_1507
microsoft/windows_10_1507
microsoft/windows_10_1607
microsoft/windows_10_1607
microsoft/windows_10_1703
microsoft/windows_10_1703
microsoft/windows_10_1709
microsoft/windows_10_1709
microsoft/windows_10_1709
microsoft/windows_10_1803
microsoft/windows_10_1803
microsoft/windows_10_1803
microsoft/windows_10_1809
microsoft/windows_10_1809
microsoft/windows_10_1809
... and 15 more

Timeline

Published Sep 11, 2019
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026