{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-04T02:08:37.537","vulnerabilities":[{"cve":{"id":"CVE-2019-1253","sourceIdentifier":"secure@microsoft.com","published":"2019-09-11T22:15:16.337","lastModified":"2025-10-29T14:37:02.920","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303."},{"lang":"es","value":"Se presenta una vulnerabilidad de elevación de privilegios cuando Windows AppX Deployment Server maneja inapropiadamente las uniones. Para explotar esta vulnerabilidad, un atacante primero tendría que alcanzar la ejecución en el sistema víctima, también se conoce como \"Windows Elevation of Privilege Vulnerability\". Este ID de CVE es diferente de CVE-2019-1215, CVE-2019-1278, CVE-2019-1303."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2022-03-15","cisaActionDue":"2022-04-05","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x64:*","matchCriteriaId":"B98DB3FF-CC3B-4E9F-A9CC-EC4C89AF3B31"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x86:*","matchCriteriaId":"8733BF37-7BF2-409D-9452-DA8A92DA1124"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:*","matchCriteriaId":"555C22C7-356D-4DA7-8CED-DA7423BBC6CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:*","matchCriteriaId":"469F95D3-ABBB-4F1A-A000-BE0F6BD60FF6"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:*","matchCriteriaId":"D76003FB-EE99-4D8E-B6A0-B13C2041E5A0"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:*","matchCriteriaId":"40151476-C0FD-4336-8194-039E8827B7C8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:*","matchCriteriaId":"D82F8AF7-ED01-4649-849E-F248F0E02384"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:*","matchCriteriaId":"C1CFB53B-B17B-47BD-BAC1-C6C5D168FFB6"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*","matchCriteriaId":"73D24713-D897-408D-893B-77A61982597D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*","matchCriteriaId":"306B7CE6-8239-4AED-9ED4-4C9F5B349F58"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*","matchCriteriaId":"345FCD64-D37B-425B-B64C-8B1640B7E850"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*","matchCriteriaId":"9E1ED169-6F03-4BD5-B227-5FA54DB40AD7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*","matchCriteriaId":"5C5B5180-1E12-45C2-8275-B9E528955307"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*","matchCriteriaId":"B6A0DB01-49CB-4445-AFE8-57C2186857BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*","matchCriteriaId":"37097C39-D588-4018-B94D-5EB87B1E3D5A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:x64:*","matchCriteriaId":"FFE3495D-291C-46B6-B758-23E16A53A7C3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/154488/AppXSvc-17763.1.amd64fre.rs5_release.180914-1434-Privilege-Escalation.html","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1253","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/154488/AppXSvc-17763.1.amd64fre.rs5_release.180914-1434-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1253","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1253","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}