CVE-2020-0887

HIGH

Windows - Elevation of Privilege in Win32k Component

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-0887. PoCs published by vinhthp1712.

AI-analyzed exploit summary This is a proof-of-concept exploit for CVE-2020-0887, a Windows kernel vulnerability involving desktop heap manipulation and memory corruption. The code demonstrates pool feng shui techniques and window object manipulation to achieve local privilege escalation.

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0788, CVE-2020-0877.

Exploits (1)

nomisec WORKING POC
by vinhthp1712 · poc
https://github.com/vinhthp1712/CVE-2020-0887

This is a proof-of-concept exploit for CVE-2020-0887, a Windows kernel vulnerability involving desktop heap manipulation and memory corruption. The code demonstrates pool feng shui techniques and window object manipulation to achieve local privilege escalation.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Microsoft Windows (kernel-mode drivers, specifically win32k.sys)
No auth needed
Prerequisites: Local access to a vulnerable Windows system · Compilation in a Windows environment with appropriate headers/libraries
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.1388
EPSS Percentile 94.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (19)
microsoft/windows_10
microsoft/windows_10 1607
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_10 1903
microsoft/windows_10 1909
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 9 more
Published Mar 12, 2020
Tracked Since Feb 18, 2026