Skip to content
AppXSvc Arbitrary File Security Descriptor Overwrite EoP
C++ C
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
AppXSvcEoP
AppXSvcEoP.gif Add files via upload Sep 15, 2019
AppXSvcEoP.png Add files via upload Sep 15, 2019
AppXSvcEoP.sln Add files via upload Sep 11, 2019
README.md Update README.md Sep 12, 2019

README.md

CVE-2019-1253

AppXSvc Arbitrary File Security Descriptor Overwrite EoP

I have independently reported this vulnerability to MSRC, however, my submission turned out to be a duplicate due to the fact that the fix for CVE-2019-1253 also addressed this issue. My PoC differs from the ones created by Chris Danieli or Nabeel Ahmed because this exploit gives 'Full Control' over the target file. My research was inspired by CVE-2019-0841 originally reported by Nabeel Ahmed.

Video PoC

You can’t perform that action at this time.