← back
CVE-2019-0841

CVE-2019-0841

CVSS 7.8 HIGHEPSS 41.7%● KEVCWE-59
In short

Windows AppX Deployment Service incorrectly handles hard links, allowing an attacker to gain higher-level system privileges. This flaw could let a regular user escalate their access to administrator level.

Technical detail

An improper hard link handling vulnerability in Windows AppXSVC enables local privilege escalation. An attacker with low-level user access can exploit this flaw to gain elevated system privileges by manipulating hard links during the AppX deployment process.

Summary generated and translated by AI from the official description.
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Microsoft · WindowsMicrosoft · Windows Server
public PoCs found14
githubgithub.com/rogue-kdc/CVE-2019-0841242githubgithub.com/0x00-0x00/CVE-2019-0841-BYPASS58githubgithub.com/likekabin/CVE-2019-08412githubgithub.com/mappl3/CVE-2019-08410cve_referencepacketstormsecurity.com/files/153642/AppXSvc-Hard-Link-Privilege-Escalation.htmlunverifiedexploitdbwww.exploit-db.com/exploits/46938unverifiedexploitdbwww.exploit-db.com/exploits/46976unverifiedexploitdbwww.exploit-db.com/exploits/46683unverifiedexploitdbwww.exploit-db.com/exploits/47128unverifiedcve_referencepacketstormsecurity.com/files/152463/Microsoft-Windows-AppX-Deployment-Service-Privilege-Escalation.htmlunverifiedcve_referencewww.exploit-db.com/exploits/46683/unverifiedcve_referencepacketstormsecurity.com/files/153009/Internet-Explorer-JavaScript-Privilege-Escalation.htmlunverifiedcve_referencepacketstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.htmlunverifiedcve_referencepacketstormsecurity.com/files/153215/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/152463/Microsoft-Windows-AppX-Deployment-Service-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/153009/Internet-Explorer-JavaScript-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/153215/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/153642/AppXSvc-Hard-Link-Privilege-Escalation.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0841https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0841https://www.exploit-db.com/exploits/46683/https://www.zerodayinitiative.com/advisories/ZDI-19-360/