CVE-2019-0880 Microsoft splwow64 Elevation of Privilege Vulnerability

This is a Privilege Escalation vulnerability in how all modern versions of Windows and appears to relate to a function in splwow64.exe. Very little has been released on the technical details of the vulnerability, but the affects are fairly large. All versions of Windows after Server 2008 R2 are affected, including ARM versions. I’m very curous as to what the details are, as I think of only x64 versions when I look at splwow64.exe.

Recent assessments:

bwatters-r7 at July 10, 2019 3:11pm UTC reported:

This is very hard to quantify in any way given the lack of reporting on the internal workings. It is a Priv Esc that affects all recent versions of Windows, though, so it would be a concern. I have seen no PoC for it, though it was used in the wild.

asoto-r7 at July 24, 2019 7:06pm UTC reported:

This is very hard to quantify in any way given the lack of reporting on the internal workings. It is a Priv Esc that affects all recent versions of Windows, though, so it would be a concern. I have seen no PoC for it, though it was used in the wild.

zeroSteiner at May 28, 2020 10:10pm UTC reported:

This is very hard to quantify in any way given the lack of reporting on the internal workings. It is a Priv Esc that affects all recent versions of Windows, though, so it would be a concern. I have seen no PoC for it, though it was used in the wild.

gwillcox-r7 at November 22, 2020 2:46am UTC reported:

This is very hard to quantify in any way given the lack of reporting on the internal workings. It is a Priv Esc that affects all recent versions of Windows, though, so it would be a concern. I have seen no PoC for it, though it was used in the wild.

Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 3