Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-0735 — Improper Privilege Management in Microsoft Windows

CWE-269 — Improper Privilege Management5 documents5 sources

Severity

7.8HIGHNVD

EPSS

9.7%

top 7.07%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows Microsoft Windows Server Microsoft Windows 10 +19 more

Timeline

PublishedApr 9

Latest updateMay 13

Description

An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages20 packages

▶CVEListV5microsoft/windows_server18 versions+17

▶msrcmsrc/windows_server_2008

▶msrcmsrc/windows_server_2012

▶msrcmsrc/windows_server_2016

▶msrcmsrc/windows_server_2019

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-433w-8772-xfr8: An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, a↗2022-05-13

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation↗2019-04-16

▶

📋Vendor Advisories

Microsoft

Windows CSRSS Elevation of Privilege Vulnerability↗2019-04-09

▶

🕵️Threat Intelligence

Zscaler

Zscaler found Multiple Security Vulnerabilities | 04-09-2019↗

▶