cve/2019/CVE-2019-1069.md

### [CVE-2019-1069](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1069)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10.0.10240.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10.0.14393.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10.0.17763.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1607%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1703%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1709%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1803%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1903%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brightgreen)

### Description

An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system.To exploit the vulnerability, an attacker would require unprivileged code execution on a victim system.The security update addresses the vulnerability by correctly validating file operations.

### POC

#### Reference
- https://blog.0patch.com/2019/06/another-task-scheduler-0day-another.html
- https://www.kb.cert.org/vuls/id/119704

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
- https://github.com/S3cur3Th1sSh1t/SharpPolarBear
- https://github.com/S3cur3Th1sSh1t/WinPwn
- https://github.com/SexurityAnalyst/WinPwn
- https://github.com/SofianeHamlaoui/Conti-Clear
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/elinakrmova/WinPwn
- https://github.com/emtee40/win-pwn
- https://github.com/hack-parthsharma/WinPwn
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/k0imet/CVE-POCs
- https://github.com/kdandy/WinPwn
- https://github.com/netkid123/WinPwn-1
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/pwninx/WinPwn
- https://github.com/retr0-13/WinPwn
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-1069](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1069)`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue)`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10.0.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10.0.10240.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10.0.14393.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=10.0.17763.0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=1607%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=1703%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=1709%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=1803%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=1903%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brightgreen)`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00
			`### Description`

Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system.To exploit the vulnerability, an attacker would require unprivileged code execution on a victim system.The security update addresses the vulnerability by correctly validating file operations.`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00
			`### POC`

			`#### Reference`
			`- https://blog.0patch.com/2019/06/another-task-scheduler-0day-another.html`
			`- https://www.kb.cert.org/vuls/id/119704`

			`#### Github`
			`- https://github.com/0xT11/CVE-POC`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`- https://github.com/ARPSyndicate/cve-scores`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/S3cur3Th1sSh1t/SharpPolarBear`
			`- https://github.com/S3cur3Th1sSh1t/WinPwn`
			`- https://github.com/SexurityAnalyst/WinPwn`
			`- https://github.com/SofianeHamlaoui/Conti-Clear`
			`- https://github.com/alphaSeclab/sec-daily-2019`
			`- https://github.com/developer3000S/PoC-in-GitHub`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`- https://github.com/elinakrmova/WinPwn`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/emtee40/win-pwn`
			`- https://github.com/hack-parthsharma/WinPwn`
			`- https://github.com/hectorgie/PoC-in-GitHub`
			`- https://github.com/k0imet/CVE-POCs`
			`- https://github.com/kdandy/WinPwn`
			`- https://github.com/netkid123/WinPwn-1`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/pwninx/WinPwn`
			`- https://github.com/retr0-13/WinPwn`