Lucene search
HistoryDec 10, 2019 - 10:15 p.m.
CVE-2019-1458
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.972 High
EPSS
Percentile
99.8%
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka âWin32k Elevation of Privilege Vulnerabilityâ.
Affected configurations
Node
microsoftwindows_10Match-
ORmicrosoftwindows_10Match1607
ORmicrosoftwindows_7Match-sp1
ORmicrosoftwindows_8.1Match-
ORmicrosoftwindows_rt_8.1Match-
ORmicrosoftwindows_server_2008Match-sp2itanium
ORmicrosoftwindows_server_2008Matchr2sp1itanium
ORmicrosoftwindows_server_2008Matchr2sp1x86
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016Match-
Related
zdt
zdt
Microsoft Windows - (WizardOpium) Local Privilege Escalation Exploit
2020-03-09 00:00:00
Microsoft Windows Uninitialized Variable Local Privilege Escalation Exploit
2020-10-15 00:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2020-03-11 08:30:14
Exploit for Vulnerability in Microsoft
2020-03-03 17:55:07
prion
prion
Privilege escalation
2019-12-10 22:15:00
cve
cve
CVE-2019-1458
2019-12-10 22:15:16
mscve
mscve
Win32k Elevation of Privilege Vulnerability
2019-12-10 08:00:00
packetstorm
packetstorm
Microsoft Windows WizardOpium Local Privilege Escalation
2020-03-06 00:00:00
Microsoft Windows Uninitialized Variable Local Privilege Escalation
2020-10-15 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-01-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (CVE-2019-1458)
2019-12-10 00:00:00
metasploit
metasploit
Google Chrome 67, 68 and 69 Object.create exploit
2020-02-14 22:10:52
Microsoft Windows Uninitialized Variable Local Privilege Elevation
2020-10-15 15:59:44
symantec
symantec
cvelist
cvelist
CVE-2019-1458
2019-12-10 21:40:57
securelist
securelist
Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium
2019-12-10 20:00:39
The zero-day exploits of Operation WizardOpium
2020-05-28 10:00:09
APT trends report Q3 2020
2020-11-03 10:00:37
threatpost
threatpost
Microsoft Issues Out-of-Band Update for SharePoint Bug
2019-12-18 19:14:55
SAS@Home Virtual Summit Showcases New Threat Intel, Industry Changes
2020-04-24 20:44:05
Purple Fox EK Adds Microsoft Exploits to Arsenal
2020-07-06 15:21:30
attackerkb
attackerkb
CVE-2019-1458
2019-12-10 00:00:00
Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium
2019-10-10 00:00:00
thn
thn
Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT
2023-09-20 09:56:00
Latest Microsoft Update Patches New Windows 0-Day Under Active Attack
2019-12-11 06:19:00
DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly
2022-03-17 12:59:00
trellix
trellix
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
Take a "NetWalk" on the Wild Side
2020-08-03 00:00:00
krebs
krebs
Patch Tuesday, December 2019 Edition
2019-12-11 01:51:25
Microsoft Patch Tuesday, January 2021 Edition
2021-01-13 01:32:20
rapid7blog
rapid7blog
Metasploit Wrap-Up
2020-10-23 18:56:55
qualysblog
qualysblog
Assess Your Risk From Ransomware Attacks, Powered by Qualys Research
2021-10-05 12:50:00
December 2019 Patch Tuesday â 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns
2019-12-10 19:04:23
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
googleprojectzero
googleprojectzero
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
2020-04-02 00:00:00
Root Cause Analyses for 0-day In-the-Wild Exploits
2020-07-29 00:00:00
Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019
2020-07-29 00:00:00
mskb
mskb
December 10, 2019âKB4530719 (Security-only update)
2019-12-10 08:00:00
December 10, 2019âKB4530698 (Security-only update)
2019-12-10 08:00:00
December 10, 2019âKB4530730 (Security-only update)
2019-12-10 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4530702)
2019-12-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4530681)
2019-12-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4530689)
2019-12-11 00:00:00
nessus
nessus
KB4530719: Windows Server 2008 December 2019 Security Update
2019-12-10 00:00:00
KB4530698: Windows Server 2012 December 2019 Security Update
2019-12-10 00:00:00
kaspersky
kaspersky
KLA11862 Multiple vulnerabilities in Microsoft Products (ESU)
2019-12-10 00:00:00
KLA11616 Multiple vulnerabilities in Microsoft Windows
2019-12-11 00:00:00
KLA11868 Multiple vulnerabilities in Microsoft Windows
2019-12-10 00:00:00
cisa
cisa
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-01-10 00:00:00
talosblog
talosblog
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.972 High
EPSS
Percentile
99.8%
Related for NVD:CVE-2019-1458