{"vulnerability": "CVE-2019-0803", "sightings": [{"uuid": "b1e14e55-670b-4f5d-a85f-0fac079cde18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/5d307d92-3514-4a9b-9840-0a540a950b0c", "content": "", "creation_timestamp": "2019-07-18T14:16:29.000000Z"}, {"uuid": "24c75362-3c66-484e-a32f-ba4648cfddc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/42d04e94-bf5b-427d-acc8-f5d740675941", "content": "", "creation_timestamp": "2020-10-20T15:57:21.000000Z"}, {"uuid": "acac8168-8f68-4ef7-baf1-a74d91479e10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/5f850411-c103-491f-abff-9421425403cf", "content": "", "creation_timestamp": "2020-10-21T08:19:09.000000Z"}, {"uuid": "42348857-3cd2-49a7-aff4-e64fdfc6beb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "c791b636-7c83-4e26-b1c9-897e48877919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "ab53dced-9c3c-472f-9172-c01b831a0140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/0f0e6302-18ce-4342-b5cf-b8468fa5531a", "content": "", "creation_timestamp": "2020-10-09T14:47:33.000000Z"}, {"uuid": "2d73c1ca-b081-4efa-aa21-8fc6802d7e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/d925a2ee-e7cf-46f6-bec1-ad8e19122730", "content": "", "creation_timestamp": "2020-10-20T15:58:04.000000Z"}, {"uuid": "8269b9b6-435e-49c6-918a-e6490bd08eb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/1d5701e2-6293-497d-a4c0-bf3b16e17404", "content": "", "creation_timestamp": "2023-10-12T10:23:18.000000Z"}, {"uuid": "a73bfaa0-0e40-4080-9766-51350da5ed6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971014", "content": "", "creation_timestamp": "2024-12-24T20:23:03.742287Z"}, {"uuid": "c1786f58-223c-4e6b-901c-d7d8333d0403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=378", "content": "", "creation_timestamp": "2019-04-10T04:00:00.000000Z"}, {"uuid": "6f231e06-cc66-4209-a6c8-86d26d9d8595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:41.000000Z"}, {"uuid": "6052b861-01f2-4ebd-b69c-d1d2d4fc8c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:03.000000Z"}, {"uuid": "a63014a4-7ab0-439b-aea8-96c40a352987", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "published-proof-of-concept", "source": "https://t.me/antichat/4994", "content": "https://github.com/PenTesting/CVE-2019-0803", "creation_timestamp": "2019-05-18T21:08:21.000000Z"}, {"uuid": "910f39f7-40c6-43bb-98e5-67641f029227", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-0803", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/64c5a2b7-fcc4-4659-835b-83d0cdcc8809", "content": "", "creation_timestamp": "2026-02-02T12:28:52.214730Z"}, {"uuid": "42a50a17-972e-4bd7-aa1a-cbc38af47974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "https://t.me/is_n3ws/36", "content": "\u0410\u041d\u0411 \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u043e \u0430\u0442\u0430\u043a\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0432\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u043e \u043e\u0442\u0447\u0435\u0442. Top-20 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\nhttps://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF\n\nGaining Remote Access: \n-----------------------------\nCVE-2019-11510: Arbitrary file read/Pulse Secure VPN\nCVE-2019-19781: RCE/Citrix ADC\nCVE-2020-8195/3/6: Unauthenticated access\nCVE-2019-0708: RCE on RDP server\nCVE-2020-5902: RCE in F5 BIG-IP\n\nAD:\n----\nCVE-2020-1472: #ZeroLogon\nCVE-2019-1040: NTLM relay bypass\n\nMDM: \n------\nCVE-2020-15505: MobileIron device management\n\nExploiting Public Facing Services:\n---------------- \nCVE-2020-1350: RCE/ DNS Servers #SigRed\nCVE-2018-6789: RCE/ Exim mail transfer\nCVE-2018-4939: RCE/ Adobe's Cold Fusion\n\nWorkstation Local Privilege Escalation:\n-------------------------\nCVE-2020-0601: ECC spoofing #CurveBall\nCVE-2019-0803: Win32k Elevation of Privilege\n\nInternal Applications:\n--------------------\nCVE-2020-0688: RCE/MS Exchange\nCVE-2020-2555: RCE/Oracle Weblogic\nCVE-2019-11580: RCE/Atlassian Crowd\nCVE-2019-18935: RCE/ASP.Net\nCVE-2015-4852: RCE/Apache\nCVE-2019-3396: Unauthorized Access/Confluence\nCVE-2020-10189: RCE/Desktop Central", "creation_timestamp": "2020-11-06T22:00:17.000000Z"}, {"uuid": "266dc2ab-0279-4656-bae9-8bb9f25628bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "exploited", "source": "https://t.me/CyberGovIL/413", "content": "\u05d1-9 \u05dc\u05d7\u05d5\u05d3\u05e9 \u05e4\u05e8\u05e1\u05de\u05d4 \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05db- 74 \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05ea\u05d5\u05db\u05e0\u05d5\u05ea \u05e0\u05ea\u05de\u05db\u05d5\u05ea, 16 \u05de\u05e1\u05d5\u05d5\u05d2\u05d5\u05ea \u05db\u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea.\n\n\u05d9\u05d3\u05d5\u05e2 \u05e2\u05dc 2 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea (CVE-2019-0803 \u05d5- CVE-2019-0859) \u05d1- win32k,\n\n\u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05dc\u05ea\u05e7\u05d9\u05e4\u05d5\u05ea \u05d5\u05e2\u05dc\u05d5\u05dc\u05d5\u05ea \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e3 \u05de\u05e7\u05d5\u05d5\u05df (logged in) \u05d4\u05e2\u05dc\u05d0\u05ea \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05d5\u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05d1\u05e8\u05de\u05ea \u05d4- Kernel.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d4\u05d7\u05de\u05d5\u05e8\u05d5\u05ea \u05d1\u05d9\u05d5\u05ea\u05e8 \u05e2\u05dc\u05d5\u05dc\u05d5\u05ea \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d4\u05e4\u05e2\u05dc\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 (RCE).", "creation_timestamp": "2019-04-10T12:26:05.000000Z"}, {"uuid": "7d7656bb-d3ac-4395-bb7b-c7b5ffbc7f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/316", "content": "#exploit\n1. CVE-2019-0785:\nA memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server\nhttps://github.com/Jaky5155/CVE-2019-0785 \n\n2. CVE-2019-0803:\nAn elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory\nhttps://github.com/ExpLife0011/CVE-2019-0803 \n\n3. CVE-2019-0808:\nAn EoP vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory\nhttps://github.com/ze0r/cve-2019-0808-poc\nhttps://github.com/rakesh143/CVE-2019-0808", "creation_timestamp": "2022-07-04T11:34:37.000000Z"}, {"uuid": "8b70e300-077b-4554-b7e2-25f2af1e2978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "seen", "source": "Telegram/0sD_EyHySREvSWLaWKL-XHqTqDduPkHhIy1vEKF4pCPQbv8", "content": "", "creation_timestamp": "2020-10-28T02:58:38.000000Z"}, {"uuid": "d0f207eb-7d02-4d39-8445-67c1ef46ecb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0803", "type": "published-proof-of-concept", "source": "https://t.me/DC8044_Info/236", "content": "https://github.com/ExpLife0011/CVE-2019-0803 #lpe", "creation_timestamp": "2019-05-20T21:55:46.000000Z"}]}