Cyber Resilience

CVE-2009-1123

HighCISA KEVActive ExploitationEUVD Exploited

Published: 10 June 2009

Published
10 June 2009
Modified
22 April 2026
KEV Added
03 March 2022
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0517 90.1th percentile
Risk Priority 39 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2009-1123 is a high-severity an unspecified weakness vulnerability in Microsoft Windows Xp. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 9.9% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

The vulnerability tracked as CVE-2009-1123 affects the kernel component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold through SP2, and Server 2008 SP2. It stems from improper validation of changes to unspecified kernel objects, which is tracked under the alias "Windows Kernel Desktop Vulnerability" and carries a CVSS 3.1 base score of 7.8.

Local users can exploit the flaw by running a crafted application on an affected system, resulting in an elevation of privileges that grants full control over the target host. The attack vector requires local access and some user interaction but does not need prior administrative rights.

Public advisories and technical alerts referencing the issue are available from sources such as US-CERT, SecurityTracker, Secunia, and OSVDB, providing further details on affected platforms and recommended actions.

EU & UK References

Vulnerability details

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via…

more

a crafted application, aka "Windows Kernel Desktop Vulnerability."

CWE(s)
KEV Date Added
03 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microsoft
windows 2000
all versions
microsoft
windows server 2003
all versions
microsoft
windows server 2008
all versions
microsoft
windows vista
all versions
microsoft
windows xp
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces access validation on kernel objects so that unauthorized changes attempted by a crafted local application cannot succeed.

prevent

Provides memory and object protection mechanisms that can block the unauthorized kernel-object modifications exploited by this local privilege-escalation flaw.

prevent

Limits the privileges available to non-administrative local users, thereby reducing the impact even if the kernel validation flaw is triggered.

References