Having knowledge of the exploit itself does not seem to factor in to determining the complexity of the exploit. Rather, it appears to document the complexity of executing it against any given target, given that the exploit is known to the attacker (and someone else has done the hard work of finding it). See the 'A successful attack depends on conditions beyond the attacker's control.' part in the documentation of 'high'.

In this exploit, there are hardly any conditions beyond the attacker's control which must be satisfied.