cve/2019/CVE-2019-0859.md

### [CVE-2019-0859](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0859)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201607%20for%2032-bit%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201607%20for%20x64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201703%20for%2032-bit%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201703%20for%20x64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201709%20for%2032-bit%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201709%20for%20ARM64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201709%20for%20x64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201803%20for%2032-bit%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201803%20for%20ARM64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201803%20for%20x64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201809%20for%2032-bit%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201809%20for%20ARM64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201809%20for%20x64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20for%2032-bit%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10%20for%20x64-based%20Systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20R2%20for%20Itanium-Based%20Systems%20Service%20Pack%201%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201%20(Core%20installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20for%2032-bit%20Systems%20Service%20Pack%202%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20for%2032-bit%20Systems%20Service%20Pack%202%20(Core%20installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20for%20Itanium-Based%20Systems%20Service%20Pack%202%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20for%20x64-based%20Systems%20Service%20Pack%202%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2008%20for%20x64-based%20Systems%20Service%20Pack%202%20(Core%20installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2012%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2012%20(Core%20installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2012%20R2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2012%20R2%20(Core%20installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2016%20%20(Core%20installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2016%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2019%20%20(Core%20installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2019%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7%20for%2032-bit%20Systems%20Service%20Pack%201%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7%20for%20x64-based%20Systems%20Service%20Pack%201%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.1%20for%2032-bit%20systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.1%20for%20x64-based%20systems%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=RT%208.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=version%201709%20%20(Core%20Installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=version%201803%20%20(Core%20Installation)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brightgreen)

### Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/0xcyberpj/windows-exploitation
- https://github.com/0xpetros/windows-privilage-escalation
- https://github.com/Ascotbe/Kernelhub
- https://github.com/Cruxer8Mech/Idk
- https://github.com/FULLSHADE/WindowsExploitationResources
- https://github.com/MustafaNafizDurukan/WindowsKernelExploitationResources
- https://github.com/NitroA/windowsexpoitationresources
- https://github.com/NullArray/WinKernel-Resources
- https://github.com/Ondrik8/exploit
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Sheisback/CVE-2019-0859-1day-Exploit
- https://github.com/TamilHackz/windows-exploitation
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/lp008/Hack-readme
- https://github.com/lsc1226844309/hanker1
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-0859](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0859)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue)`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201607%20for%2032-bit%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201607%20for%20x64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201703%20for%2032-bit%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201703%20for%20x64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201709%20for%2032-bit%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201709%20for%20ARM64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201709%20for%20x64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201803%20for%2032-bit%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201803%20for%20ARM64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201803%20for%20x64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201809%20for%2032-bit%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201809%20for%20ARM64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20Version%201809%20for%20x64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20for%2032-bit%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10%20for%20x64-based%20Systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20R2%20for%20Itanium-Based%20Systems%20Service%20Pack%201%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201%20(Core%20installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20for%2032-bit%20Systems%20Service%20Pack%202%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20for%2032-bit%20Systems%20Service%20Pack%202%20(Core%20installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20for%20Itanium-Based%20Systems%20Service%20Pack%202%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20for%20x64-based%20Systems%20Service%20Pack%202%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2008%20for%20x64-based%20Systems%20Service%20Pack%202%20(Core%20installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2012%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2012%20(Core%20installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2012%20R2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2012%20R2%20(Core%20installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2016%20%20(Core%20installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2016%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2019%20%20(Core%20installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2019%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7%20for%2032-bit%20Systems%20Service%20Pack%201%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=7%20for%20x64-based%20Systems%20Service%20Pack%201%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.1%20for%2032-bit%20systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.1%20for%20x64-based%20systems%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=RT%208.1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=version%201709%20%20(Core%20Installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=version%201803%20%20(Core%20Installation)%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brightgreen)`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00
			`### Description`

			`An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/0xT11/CVE-POC`
			`- https://github.com/0xcyberpj/windows-exploitation`
			`- https://github.com/0xpetros/windows-privilage-escalation`
			`- https://github.com/Ascotbe/Kernelhub`
Update Mon May 27 13:12:02 UTC 2024 2024-05-27 13:12:02 +00:00			`- https://github.com/Cruxer8Mech/Idk`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/FULLSHADE/WindowsExploitationResources`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/MustafaNafizDurukan/WindowsKernelExploitationResources`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/NitroA/windowsexpoitationresources`
			`- https://github.com/NullArray/WinKernel-Resources`
			`- https://github.com/Ondrik8/exploit`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/Sheisback/CVE-2019-0859-1day-Exploit`
			`- https://github.com/TamilHackz/windows-exploitation`
			`- https://github.com/alphaSeclab/sec-daily-2019`
			`- https://github.com/developer3000S/PoC-in-GitHub`
			`- https://github.com/hectorgie/PoC-in-GitHub`
			`- https://github.com/lp008/Hack-readme`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`- https://github.com/lsc1226844309/hanker1`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/ycdxsb/WindowsPrivilegeEscalation`