CVE-2019-1132

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k...

Basic Information

CVE State: PUBLISHED
Reserved Date: November 26, 2018
Published Date: July 29, 2019
Last Updated: February 07, 2025
Vendor: Microsoft
Product: Windows, Windows Server
Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-03-15 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2019-07-31 02:30:28 UTC) Source

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1132

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-03-15 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

petercc/CVE-2019-1132

Type: github • Created: 2019-07-31 02:30:28 UTC • Stars: 3

CVE-2019-1132

Vlad-tri/CVE-2019-1132

Type: github • Created: 2019-07-26 06:51:28 UTC • Stars: 61

EoP POC for CVE-2019-1132