CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-0841

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score47.7320%
EPSS Percentile97.32th
Published2019年4月9日
Last Modified2025年10月29日

Vulnerability Description

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.

Affected Platforms (CPE)

💻
Microsoft

Windows 10 1703

All versions
💻
Microsoft

Windows 10 1709

All versions
💻
Microsoft

Windows 10 1803

All versions
💻
Microsoft

Windows 10 1809

All versions
💻
Microsoft

Windows Server 2016

= 1803
💻
Microsoft

Windows Server 2019

All versions

References & Advisories

🔗 http://packetstormsecurity.com/files/152463/Microsoft-Windows-AppX-Deployment-Service-Privilege-Escalation.html
🔗 http://packetstormsecurity.com/files/153009/Internet-Explorer-JavaScript-Privilege-Escalation.html
🔗 http://packetstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
🔗 http://packetstormsecurity.com/files/153215/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
🔗 http://packetstormsecurity.com/files/153642/AppXSvc-Hard-Link-Privilege-Escalation.html
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0841
🔗 https://www.exploit-db.com/exploits/46683/
🔗 https://www.zerodayinitiative.com/advisories/ZDI-19-360/

相關漏洞威脅

CVE-2017-85899.8

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 1...

CVE-2017-117719.8

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server...

CVE-2017-85439.8

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R...

CVE-2017-118999.8

Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security featu...