CVE-2019-1385

Sažetak

An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1385
https://www.zerodayinitiative.com/advisories/ZDI-19-979/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1385
https://www.zerodayinitiative.com/advisories/ZDI-19-979/

CVSS

Base:	6.1
Impact:	8.5
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:C

Zadnje važnije ažuriranje

07-02-2025 - 17:15

Objavljeno

12-11-2019 - 19:15