Back to KEVs

CVE-2019-1215

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege...

Basic Information

CVE State: PUBLISHED
Reserved Date: November 26, 2018
Published Date: September 11, 2019
Last Updated: February 07, 2025
Vendor: Microsoft
Product: Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)
Description: An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.
Tags

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2021-11-03 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2020-01-06 22:34:16 UTC) Source
Used in Malware: Yes (added 2021-11-03 00:00:00 UTC) Source

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1215

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

bluefrostsecurity/CVE-2019-1215

Type: github • Created: 2020-01-06 22:34:16 UTC • Stars: 148

Timeline

CVE ID Reserved

November 26, 2018
CVE Published to Public

September 11, 2019
Proof of Concept Exploit Available

January 06, 2020
Exploit Used in Malware

November 03, 2021
Added to KEVIntel

November 03, 2021