CVE-2019-0859
Microsoft Win32k Privilege Escalation Vulnerability
CVSS
—
No CVSS
EPSS
4.2%
p90
KEV
YES
Nov 3, 2021
Exploit Today
77
0-100
Published: — · Last modified: —
4.2%EPSS · 30 days4.2%
2026-06-302026-07-17
Product
Microsoft / Win32k
Vulnerability
Microsoft Win32k Privilege Escalation Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-0859
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2014-4113—99.7%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2016-7255—99.6%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2021-1732—99.5%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2019-1458—99.4%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2018-8120—99.4%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—CVE-2018-8453—99.3%
KEV—80Microsoft Win32k Privilege Escalation Vulnerability—