CVE-2019-1064

CVE Database · CVE-2019-1064

CVE-2019-1064

· HIGHAnalyzed

CVSS v3.1

7.8

EPSS

6.89%

Published

Jun 12, 2019

Modified

Oct 29, 2025

CISA Known Exploited Vulnerability

Added: 2022-03-15 · Due: 2022-04-05

Apply updates per vendor instructions.

Public PoC / Exploit (4)

All weaponized →

TrickestTrickest PoC index GitHub PoCRythmStick/CVE-2019-1064★26 GitHub PoC0x00-0x00/CVE-2019-1064★11 GitHub PoCattackgithub/CVE-2019-1064★1

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-59CWE-59

Affected Products (21)

microsoft · windows_10_1607vulnerable

microsoft · windows_10_1703vulnerable

microsoft · windows_10_1709vulnerable

microsoft · windows_10_1803vulnerable

References (3)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1064

PatchVendor Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1064

PatchVendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1064

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs