CVE-2019-1215

HIGH KEV RANSOMWARE

Microsoft Windows 10 1507 - Improper Privilege Management

Title source: rule

Description

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.

Exploits (3)

exploitdb WORKING POC
by bluefrostsec · c++localwindows_x86-64
https://www.exploit-db.com/exploits/47935
nomisec WORKING POC 152 stars
by bluefrostsecurity · local
https://github.com/bluefrostsecurity/CVE-2019-1215
patchapalooza WORKING POC
by gavz · local
https://gitlab.com/gavz/CVE-2019-1215

References (2)

Scores

CVSS v3 7.8
EPSS 0.0524
EPSS Percentile 90.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2019-09-10
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2019-9783
Ransomware Use Confirmed
CWE
CWE-269
Status published
Products (18)
microsoft/windows_10_1507 (2 CPE variants)
microsoft/windows_10_1607 (2 CPE variants)
microsoft/windows_10_1703 (2 CPE variants)
microsoft/windows_10_1709 (3 CPE variants)
microsoft/windows_10_1803 (3 CPE variants)
microsoft/windows_10_1809 (3 CPE variants)
microsoft/windows_10_1903 (3 CPE variants)
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 8 more
Published Sep 11, 2019
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026