cve/2019/CVE-2019-0841.md

### [CVE-2019-0841](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0841)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen)

### Description

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.

### POC

#### Reference
- http://packetstormsecurity.com/files/152463/Microsoft-Windows-AppX-Deployment-Service-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153009/Internet-Explorer-JavaScript-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153114/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153215/Microsoft-Windows-AppX-Deployment-Service-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/153642/AppXSvc-Hard-Link-Privilege-Escalation.html
- https://www.exploit-db.com/exploits/46683/

#### Github
- https://github.com/0x00-0x00/CVE-2019-0841-BYPASS
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/BC-SECURITY/Moriarty
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/GhostTroops/TOP
- https://github.com/JERRY123S/all-poc
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/S3cur3Th1sSh1t/SharpByeBear
- https://github.com/S3cur3Th1sSh1t/SharpPolarBear
- https://github.com/S3cur3Th1sSh1t/WinPwn
- https://github.com/SexurityAnalyst/Watson
- https://github.com/SexurityAnalyst/WinPwn
- https://github.com/SofianeHamlaoui/Conti-Clear
- https://github.com/TheJoyOfHacking/rasta-mouse-Watson
- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/deadjakk/patch-checker
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/edsonjt81/Watson
- https://github.com/edsonjt81/dazzleUP
- https://github.com/emtee40/win-pwn
- https://github.com/hack-parthsharma/WinPwn
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/hlldz/dazzleUP
- https://github.com/index-login/watson
- https://github.com/jbmihoub/all-poc
- https://github.com/k0imet/CVE-POCs
- https://github.com/kdandy/WinPwn
- https://github.com/lawrenceamer/0xsp-Mongoose
- https://github.com/likescam/CVE-2019-0841
- https://github.com/lnick2023/nicenice
- https://github.com/mappl3/CVE-2019-0841
- https://github.com/merlinxcy/ToolBox
- https://github.com/mikepitts25/watson
- https://github.com/mishmashclone/rasta-mouse-Watson
- https://github.com/netkid123/Watson
- https://github.com/netkid123/WinPwn-1
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/offsec-ttps/CVE2019-1253-Compiled
- https://github.com/paramint/Watson-Windows-check-KB
- https://github.com/pwninx/Watson
- https://github.com/pwninx/WinPwn
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/rasta-mouse/Watson
- https://github.com/retr0-13/WinPwn
- https://github.com/rnbochsr/Relevant
- https://github.com/rogue-kdc/CVE-2019-0841
- https://github.com/sgabe/CVE-2019-1253
- https://github.com/sgabe/CVE-2019-1476
- https://github.com/shubham0d/SymBlock
- https://github.com/txuswashere/Pentesting-Windows
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/xbl3/awesome-cve-poc_qazbnm456