An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.
Product | CPU Architecture | Version | Update | Tested |
---|---|---|---|---|
Windows 10 | x86/x64 | 1703 | ||
Windows 10 | x86/x64 | 1709 | ||
Windows 10 | x86/x64/arm64 | 1803 | ||
Windows 10 | x86/x64/arm64 | 1809 | ||
Windows 10 | x86/x64/arm64 | 1903 | ||
Windows Server 2019 | ||||
Windows Server | 1803 | |||
Windows Server | 1903 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1253
该漏洞并未进行测试,根目录留存着网络收集**[CVE编号].zip**的EXP或者POC,代码状态未知