Vulnerability Details CVE-2019-0880
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
Proposed Action
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.
Ransomware Campaign
Unknown
References
Products affected by CVE-2019-0880
-
cpe:2.3:o:microsoft:windows_10_1507:-
-
cpe:2.3:o:microsoft:windows_10_1607:-
-
cpe:2.3:o:microsoft:windows_10_1703:-
-
cpe:2.3:o:microsoft:windows_10_1709:-
-
cpe:2.3:o:microsoft:windows_10_1803:-
-
cpe:2.3:o:microsoft:windows_10_1809:-
-
cpe:2.3:o:microsoft:windows_10_1903:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_1903:-
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2019:-