Home

Awesome

CVE-2019-1253

AppXSvc Arbitrary File Security Descriptor Overwrite EoP

I have independently reported this vulnerability to MSRC, however, my submission turned out to be a duplicate due to the fact that the fix for CVE-2019-1253 also addressed this issue. My PoC differs from the ones created by Chris Danieli or Nabeel Ahmed because this exploit gives 'Full Control' over the target file. My research was inspired by CVE-2019-0841 originally reported by Nabeel Ahmed.

Video PoC