A recently fixed local privilege escalation flaw in windows (CVE-2019-0803) had been exploited by bad actors to deliver PowerShell Backdoor. The vulnerability was discovered by Kaspersky Lab that reported it to the tech giant on March 17. Attackers used the vulnerability to create an HTTP reverse shell that allows them to take complete control of the targeted device. The security firm revealed that the vulnerability has been used by an unnamed threat actor to execute PowerShell, Microsoft’s task automation and configuration management framework.”]
Source: https://securityaffairs.co/wordpress/83903/hacking/cve-2019-0803-windows-flaw.html