CVE-2019-1064

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation...

Basic Information

CVE State: PUBLISHED
Reserved Date: November 26, 2018
Published Date: June 12, 2019
Last Updated: February 07, 2025
Vendor: Microsoft
Product: Windows Server, Windows, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)
Description: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-03-15 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2019-06-16 09:31:11 UTC) Source
Used in Malware: Yes (added 2022-03-15 00:00:00 UTC) Source

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1064

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-03-15 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

attackgithub/CVE-2019-1064

Type: github • Created: 2019-06-16 09:31:11 UTC • Stars: 1

CVE-2019-1064 - AppXSVC Local Privilege Escalation

0x00-0x00/CVE-2019-1064

Type: github • Created: 2019-06-12 15:54:55 UTC • Stars: 11

CVE-2019-1064 Local Privilege Escalation Vulnerability

RythmStick/CVE-2019-1064

Type: github • Created: 2019-06-12 10:21:35 UTC • Stars: 24

CVE-2019-1064 Local Privilege Escalation Vulnerability