Vulnerability Description
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 1703 | - |
| Microsoft | Windows 10 1709 | - |
| Microsoft | Windows 10 1803 | - |
| Microsoft | Windows 10 1809 | - |
| Microsoft | Windows 10 1903 | - |
| Microsoft | Windows Server 1803 | - |
| Microsoft | Windows Server 1903 | - |
| Microsoft | Windows Server 2019 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/154488/AppXSvc-17763.1.amd64fre.rs5_releaseThird Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1253PatchVendor Advisory
- http://packetstormsecurity.com/files/154488/AppXSvc-17763.1.amd64fre.rs5_releaseThird Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1253PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-US Government Resource
FAQ
What is CVE-2019-1253?
CVE-2019-1253 is a vulnerability with a CVSS score of 7.8 (HIGH). An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the...
How severe is CVE-2019-1253?
CVE-2019-1253 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-1253?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10 1703, Microsoft Windows 10 1709, Microsoft Windows 10 1803, Microsoft Windows 10 1809, Microsoft Windows 10 1903.