There exists a privilege escalation vulnerability for Windows 10 builds prior to build 17763. Due to the AppXSvc's improper handling of hard links, a user can gain full privileges over a SYSTEM-owned file. The user can then utilize the new file to execute code as SYSTEM. This Metasploit module employs a technique using the Diagnostics Hub Standard Collector Service (DiagHub) which was discovered by James Forshaw to load and execute a DLL as SYSTEM.
768fb56de1ec7de8dd28e560c3995953fbeca7925352b92e82d879e144ae0251
Microsoft Windows AppX Deployment Service local privilege escalation exploit that bypasses CVE-2019-0841.
af562c39c5eded599da71b9d67500497398f715a41c963012aa2ae2f496664cc
Microsoft Windows suffers from a deployment service local privilege escalation vulnerability that bypasses the fix for CVE-2019-0841.
caaa2612710f8787fcf3720235ce07701e951b4de14708d2dd49578f5a204107
Internet Explorer 11 exploit that allows attackers to execute JavaScript with higher system access than is normally permitted by the browser sandbox.
7201c91d0285dfceb33caf8cf4b721c934c72d5d2f45225ca7e38a1614207c23
Microsoft Windows AppX deployment service privilege escalation exploit.
1460b5312b5682cc658f0829b40c8e8711a2d4883539bf45739ebf57d5a634a3