CVE-2019-1483
HIGHWindows 10 and Windows Server 2016/2019 - Elevation of Privilege via AppX Deployment Server Junction Handling
Title source: llmDescription
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1476.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1483
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-19-1005/
Scores
CVSS v3
7.8
EPSS
0.0175
EPSS Percentile
74.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-59
Status
published
Products (9)
microsoft/windows_10
1709
microsoft/windows_10
1803
microsoft/windows_10
1809
microsoft/windows_10
1903
microsoft/windows_10
1909
microsoft/windows_server_2016
1803
microsoft/windows_server_2016
1903
microsoft/windows_server_2016
1909
microsoft/windows_server_2019
Published
Dec 10, 2019
Tracked Since
Feb 18, 2026