⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2019-0863Microsoft Windows vulnerability

27 documents13 sources
Severity
7.8HIGHNVD
EPSS
6.2%
top 9.15%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
23
Microsoft WindowsMicrosoft Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Windows 10 Version 1903 FOR Arm64-based Systems+20 more
Timeline
PublishedMay 16
KEV addedNov 3
KEV dueMay 3
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages22 packages

CVEListV5microsoft/windows20 versions+19

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-2v97-h8v8-m3px: An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privi2022-05-24
VulnCheck
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability2019

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows (x86/x64) - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation2019-05-22

📋Vendor Advisories

2
CISA
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability2021-11-03
Microsoft
Windows Error Reporting Elevation of Privilege Vulnerability2019-05-14

🕵️Threat Intelligence

21
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys2022-02-23
Unit42
Unit 42 Named Top Zero-Day Vulnerability Contributor by Microsoft2019-09-04
Unit42
Unit 42 Named Top Zero-Day Vulnerability Contributor by Microsoft2019-09-04
Securelist
IT threat evolution Q2 2019. Statistics2019-08-19
Unit42
Tale of a Windows Error Reporting Zero-Day (CVE-2019-0863)2019-07-02
CVE-2019-0863 — Microsoft Windows vulnerability | cvebase