VDB
CNVD-2019-22217
CNVD-2019-22217
PUBLISHED
CVSS 7.800000190734863 HIGH
Microsoft Windows和Microsoft Windows Server都是美国微软(Microsoft)公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。 Microsoft Windows中存在提权漏洞,该漏洞源于Windows AppX部署服务(AppXSVC)未能正确地处理了硬链接,攻击者可通过登录到系统上并运行特制的应用程序利用该漏洞获取提升的权限。
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Server | 2012 (Core installation), 2012 R2 (Core installation), 2012 |
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems | * |
| Microsoft | Windows 10 Version 1903 for x64-based Systems | * |
| Microsoft | Windows Server, version 1903 (Server Core installation) | unspecified |
| Microsoft | Windows 10 Version 1903 for 32-bit Systems | unspecified |
| Microsoft | Windows | 10 Version 1809 for 32-bit Systems, 10 Version 1809 for x64-based Systems, 10 Version 1809 for ARM64-based Systems |
Exploit Intelligence
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1130 (circl)
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1130 (circl)
- CIRCL exploited: CVE-2019-1130 (circl-sighting)
- CIRCL seen: CVE-2019-1130 (circl-sighting)
- CIRCL seen: CVE-2019-1130 (circl-sighting)
- CIRCL seen: CVE-2019-1130 (circl-sighting)
- CIRCL seen: CVE-2019-1130 (circl-sighting)
Timeline
- Jul 10, 2019 CVE Published
- Jun 14, 2023 PoC Published
- Dec 24, 2024 PoC Published
- Jan 15, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Feb 2, 2026 PoC Published