vulnerability
Microsoft Windows: CVE-2019-1267: Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Sep 10, 2019 | Sep 10, 2019 | Sep 5, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Sep 10, 2019
Added
Sep 10, 2019
Modified
Sep 5, 2025
Description
An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks, aka 'Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability'.
Solutions
microsoft-windows-windows_10-1507-kb4516070microsoft-windows-windows_10-1607-kb4516044microsoft-windows-windows_10-1703-kb4516068microsoft-windows-windows_10-1709-kb4516066microsoft-windows-windows_10-1803-kb4516058microsoft-windows-windows_10-1809-kb4512578microsoft-windows-windows_10-1903-kb4515384microsoft-windows-windows_server_2012_r2-kb4516064microsoft-windows-windows_server_2016-1607-kb4516044microsoft-windows-windows_server_2019-1809-kb4512578msft-kb4515384-1fec8c01-d96f-4692-9c3f-533f1966ba0fmsft-kb4516033-03092e33-5b1d-4cc9-bcf9-578e906cefb2msft-kb4516033-0ac4e288-0e6c-4bee-99a6-2dc8491bd6e6msft-kb4516033-59d96021-d80c-446b-9cb3-ff0b6178c0b2msft-kb4516033-78d9fe94-89a2-4a23-aa35-dff5e55adbf0msft-kb4516033-8355f60a-e69c-49bf-b934-6b9aedfc75b7msft-kb4516033-cae28dc4-51e5-4572-b3f3-a3f4a1064beemsft-kb4516064-90e2bb11-b4ba-4212-90e4-d82f4434a4c9msft-kb4516064-c31ee34e-e1cb-42ba-9f96-28a38c3e45a7
References
- CVE-2019-1267
- https://attackerkb.com/topics/CVE-2019-1267
- CWE-59
- URL-https://support.microsoft.com/help/4512578
- URL-https://support.microsoft.com/help/4515384
- URL-https://support.microsoft.com/help/4516044
- URL-https://support.microsoft.com/help/4516058
- URL-https://support.microsoft.com/help/4516064
- URL-https://support.microsoft.com/help/4516066
- URL-https://support.microsoft.com/help/4516068
- URL-https://support.microsoft.com/help/4516070
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.