CVE-2019-1458

HIGH KEV RANSOMWARE

Windows Win32k - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

Exploits (6)

exploitdb WORKING POC
by piotrflorczyk · c++localwindows
https://www.exploit-db.com/exploits/48180
nomisec WRITEUP 179 stars
by piotrflorczyk · local
https://github.com/piotrflorczyk/cve-2019-1458_POC
nomisec WORKING POC 135 stars
by rip1s · local
https://github.com/rip1s/CVE-2019-1458
metasploit WORKING POC NORMAL
by piotrflorczyk, unamer, timwr · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2019_1458_wizardopium.rb
patchapalooza NO CODE
by Ascotbe · local
https://github.com/Ascotbe/Kernelhub

References (4)

Scores

CVSS v3 7.8
EPSS 0.9199
EPSS Percentile 99.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-01-10
VulnCheck KEV 2019-12-10
InTheWild.io 2019-12-10
ENISA EUVD EUVD-2019-10015
Ransomware Use Confirmed
Status published
Products (10)
microsoft/windows_10_1507 (2 CPE variants)
microsoft/windows_10_1607 (2 CPE variants)
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1 (2 CPE variants)
microsoft/windows_server_2012
microsoft/windows_server_2012 r2
microsoft/windows_server_2016
Published Dec 10, 2019
KEV Added Jan 10, 2022
Tracked Since Feb 18, 2026