CVE DATABASE / CVE-2019-1385
CVE-2019-1385
Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability
Confirmed exploited in the wild. Added 2022-05-23.
Federal remediation due 2022-06-13.
Required action: Apply updates per vendor instructions.
Summary
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.
CVSS 3.1 breakdown
| Base score | 7.8 (HIGH) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1385
- https://www.zerodayinitiative.com/advisories/ZDI-19-979/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1385
Data: NIST NVD + CISA KEV. NVD last modified 2025-10-29. Always verify against the vendor advisory before acting.