An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka Windows Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2019-1130.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_10 | Microsoft | 1703 | 1703 |
Windows_10 | Microsoft | 1709 | 1709 |
Windows_10 | Microsoft | 1803 | 1803 |
Windows_server_2016 | Microsoft | 1803 | 1803 |
Windows_server_2019 | Microsoft | - | - |
Windows_10 | Microsoft | 1809 | 1809 |
Windows_server_2016 | Microsoft | 1903 | 1903 |
Windows_10 | Microsoft | 1903 | 1903 |