Symlink Exploitation in Windows User Profile Service: Elevation of Privilege Vulnerability

Symlink Exploitation in Windows User Profile Service: Elevation of Privilege Vulnerability

CVE-2019-0986 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:P

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

Learn more about our User Device Pen Test.