CVE-2019-0803

ENISA EUVD: EUVD-2019-1559 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 3 articles

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

88.84%

probability

This CVE has a 88.84% probability of being exploited in the next 30 days.

0% Top 99.5th percentile of all CVEs 100%

CVSS v3.1

Source: NVD

7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Project Zero

Unspecified memory corruption in win32k

Affected Products

Google Project Zero

Patched

April 9, 2019

Reported by

Donghai Zhu of Alibaba Cloud Intelligence Security Team

Root Cause Analysis

???

Patched Windows Zero-Day Provided Full Control Over Vulnerable Systems

BleepingComputer Apr 15, 2019

Microsoft's April 2019 Patch Tuesday Fixes 74 Vulnerabilities

BleepingComputer Apr 09, 2019

April 2019 Patch Tuesday – 74 Vulns, 16 Critical, 2 Actively Attacked, 1 PoC Exploit, Adobe Vulns

Qualys Apr 09, 2019

Signal Intelligence

Confidenceⓘ

95%

EPSS 88.84%

CVSS v3.1 7.8

Mentions 3

Last Seen Apr 15, 2019

CNA Information

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Threat Actors 3

Cobalt

apt_group Financial crime 🇷🇺 RU

The Shadow Brokers

apt_group 🇷🇺 RU

Equation Group

apt_group Sabotage and destruction 🇺🇸 US

Triage Info

Decided atMar 05, 2026