Privilege escalation in Microsoft Windows Win32k.sys driver

Published: 2019-03-12 21:50:48 | Updated: 2019-03-12
Severity Medium
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2019-0797
CVSSv3 8.4 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CWE ID CWE-119
Exploitation vector Local
Public exploit This vulnerability is being exploited in the wild.
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 8.1
Windows 10
Windows RT 8.1

Show more

Windows Server 2012
Windows Server 2012 R2
Windows Server 2016

Show more

Vendor URL Microsoft

Security Advisory

1) Memory corruption

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Win32k.sys driver. A local user can execute a specially crafted application, trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797

Back to List