CVE-2019-0808

CVSS 7.8 HIGHEPSS 53.3%● KEV

In short

A flaw in Windows' Win32k component allows an attacker with local access to gain higher privileges on the system. This happens because the component doesn't properly manage objects in memory, creating a security gap.

Technical detail

Win32k elevation of privilege vulnerability caused by improper memory object handling. Attack vector is local; requires user-level code execution as a prerequisite. Successful exploitation grants SYSTEM-level privileges, enabling full system compromise.

Summary generated and translated by AI from the official description.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Microsoft · Windows Microsoft · Windows Server

public PoCs found — 5

githubgithub.com/exodusintel/CVE-2019-0808★ 90 githubgithub.com/ze0r/cve-2019-0808-poc★ 48 githubgithub.com/rakesh143/CVE-2019-0808★ 1 cve_referencepacketstormsecurity.com/files/157616/Microsoft-Windows-NtUserMNDragOver-Local-Privilege-Escalation.htmlunverified exploitdbwww.exploit-db.com/exploits/46604unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/157616/Microsoft-Windows-NtUserMNDragOver-Local-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0808