CVE-2019-0841: Microsoft Windows AppX Deployment Service Hard Link Privilege Escalation Vulnerability
First published: Tue Apr 09 2019(Updated: )
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows | ||
| Microsoft Windows 10 1703 | ||
| Microsoft Windows 10 1709 | ||
| Microsoft Windows 10 1803 | ||
| Microsoft Windows 10 1809 | ||
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows Server 2019 | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/152463/Microsoft-Windows-AppX-Deployment-Service-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153009/Internet-Explorer-JavaScript-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153215/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153642/AppXSvc-Hard-Link-Privilege-Escalation.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0841
- https://www.exploit-db.com/exploits/46683/
- https://www.zerodayinitiative.com/advisories/ZDI-19-360/
- https://nvd.nist.gov/vuln/detail/CVE-2019-0841
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2019-0841.
What is the severity of CVE-2019-0841?
The severity of CVE-2019-0841 is high with a CVSS score of 7.8.
How does this vulnerability allow privilege escalation?
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows.
What is the affected software?
The affected software includes Microsoft Windows, Microsoft .NET Framework, Microsoft Visual Studio, and Microsoft Windows Server.
How can the vulnerability CVE-2019-0841 be exploited?
To exploit this vulnerability, an attacker must first obtain the ability to execute low-privileged code on the target system.
- agent/type
- agent/title
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-19-360
- alias/ZDI-CAN-7753
- alias/CVE-2019-0841
- agent/software-canonical-lookup
- agent/event
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/tags
- collector/nvd-cve
- source/NVD
- vendor/microsoft
- canonical/microsoft windows 10 1703
- canonical/microsoft windows 10 1709
- canonical/microsoft windows 10 1803
- canonical/microsoft windows 10 1809
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1803
- canonical/microsoft windows server 2019
- canonical/microsoft windows