CVE-2019-1458

HIGH KEV RANSOMWARE

Windows Win32k - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

Exploits (6)

nomisec WRITEUP 179 stars
by piotrflorczyk · local
https://github.com/piotrflorczyk/cve-2019-1458_POC
nomisec WORKING POC 135 stars
by rip1s · local
https://github.com/rip1s/CVE-2019-1458
patchapalooza NO CODE
by Ascotbe · local
https://github.com/Ascotbe/Kernelhub
metasploit WORKING POC NORMAL
by piotrflorczyk, unamer, timwr · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2019_1458_wizardopium.rb
exploitdb WORKING POC
by piotrflorczyk · c++localwindows
https://www.exploit-db.com/exploits/48180

References (4)

Scores

CVSS v3 7.8
EPSS 0.9194
EPSS Percentile 99.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2022-01-10
VulnCheck KEV 2019-12-10
InTheWild.io 2019-12-10
ENISA EUVD EUVD-2019-10015
Ransomware Use Confirmed

Classification

Status published

Affected Products (13)

microsoft/windows_10_1507
microsoft/windows_10_1507
microsoft/windows_10_1607
microsoft/windows_10_1607
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2012
microsoft/windows_server_2012
microsoft/windows_server_2016

Timeline

Published Dec 10, 2019
KEV Added Jan 10, 2022
Tracked Since Feb 18, 2026