An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka Windows Elevation of Privilege Vulnerability.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_10 | Microsoft | 1607 (including) | 1607 (including) |
Windows_10 | Microsoft | 1703 (including) | 1703 (including) |
Windows_10 | Microsoft | 1709 (including) | 1709 (including) |
Windows_10 | Microsoft | 1803 (including) | 1803 (including) |
Windows_10 | Microsoft | 1809 (including) | 1809 (including) |
Windows_10 | Microsoft | 1903 (including) | 1903 (including) |
Windows_server_2016 | Microsoft | - (including) | - (including) |
Windows_server_2016 | Microsoft | 1803 (including) | 1803 (including) |
Windows_server_2016 | Microsoft | 1903 (including) | 1903 (including) |
Windows_server_2019 | Microsoft | - (including) | - (including) |