Skip to content

AppXSvc Arbitrary File Security Descriptor Overwrite EoP

Notifications You must be signed in to change notification settings

sgabe/CVE-2019-1253

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2019-1253

AppXSvc Arbitrary File Security Descriptor Overwrite EoP

I have independently reported this vulnerability to MSRC, however, my submission turned out to be a duplicate due to the fact that the fix for CVE-2019-1253 also addressed this issue. My PoC differs from the ones created by Chris Danieli or Nabeel Ahmed because this exploit gives 'Full Control' over the target file. My research was inspired by CVE-2019-0841 originally reported by Nabeel Ahmed.

Video PoC