vulnerability

Microsoft Windows: CVE-2019-1170: Windows NTFS Elevation of Privilege Vulnerability

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Aug 13, 2019

Added

Aug 13, 2019

Modified

Sep 5, 2025

Description

An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'.

Solutions

microsoft-windows-windows_10-1809-kb4511553microsoft-windows-windows_10-1903-kb4512508microsoft-windows-windows_server_2019-1809-kb4511553msft-kb4512508-35cff443-e9f5-4d0a-a8fc-7fe8a39ab515

References

CVE-2019-1170
https://attackerkb.com/topics/CVE-2019-1170
CWE-862
https://support.microsoft.com/help/4511553
https://support.microsoft.com/help/4512508

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report