Microsoft Windows Error Reporting Elevation of Privilege Vulnerability


An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files.


The information has been provided by Gal De Leon

The original article can be found at:



An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges.

Vulnerable Systems:
Microsoft Windows Server 2019

Microsoft Windows 10

CVE Information:


Disclosure Timeline:
Published Date:07/16/2019