Vulnerability Details CVE-2019-1385
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.1
Proposed Action
A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.
Ransomware Campaign
Known
References
Products affected by CVE-2019-1385
-
cpe:2.3:o:microsoft:windows_10_1709:-
-
cpe:2.3:o:microsoft:windows_10_1803:-
-
cpe:2.3:o:microsoft:windows_10_1809:-
-
cpe:2.3:o:microsoft:windows_10_1903:-
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2019:-