Unrated severityCISA KEVNVD Advisory· Published Apr 9, 2019· Updated Oct 21, 2025

CVE-2019-0841

Description

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.

Affected products

Microsoft/Windowsv5
Range: 10 Version 1703 for 32-bit Systems
Microsoft/Windows Serverv5
Range: version 1709 (Core Installation)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/46683/mitreexploitx_refsource_EXPLOIT-DB
packetstormsecurity.com/files/152463/Microsoft-Windows-AppX-Deployment-Service-Privilege-Escalation.htmlmitrex_refsource_MISC
packetstormsecurity.com/files/153009/Internet-Explorer-JavaScript-Privilege-Escalation.htmlmitrex_refsource_MISC
packetstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.htmlmitrex_refsource_MISC
packetstormsecurity.com/files/153215/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.htmlmitrex_refsource_MISC
packetstormsecurity.com/files/153642/AppXSvc-Hard-Link-Privilege-Escalation.htmlmitrex_refsource_MISC
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0841mitrex_refsource_MISC
www.zerodayinitiative.com/advisories/ZDI-19-360/mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.066
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.060