CVE-2019-1385

moderate-risk

Published 2019-11-12

An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.

Do I need to act?

0.49% chance of exploitation

EPSS score — low exploit probability

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (6)

Windows 10 1709

Windows 10 1803

Windows 10 1809

Windows 10 1903

Windows Server 2016

Windows Server 2019

Affected Vendors

Microsoft

References (5)

Patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1385

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-19-979/

Patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1385

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-19-979/

US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-...

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 9/34 · Low

Exposure 13/34 · Low