CVE-2020-16940

Опубликовано: 16 окт. 2020

Источник: nvd

CVSS3: 7.8

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.

The security update addresses the vulnerability by correcting how the Windows User Profile Service handles junction points.

Ссылки

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16940
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-1248/
Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16940
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-1248/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00507

Низкий

7.8 High

CVSS3

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-269

Связанные уязвимости

CVE-2020-16940

CVSS3: 7.8

msrc

больше 4 лет назад

Windows - User Profile Service Elevation of Privilege Vulnerability

GHSA-386j-h4xj-j5ph

CVSS3: 7.8

github

около 3 лет назад

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points, aka 'Windows - User Profile Service Elevation of Privilege Vulnerability'.

BDU:2020-05462

CVSS3: 7.8

fstec

больше 4 лет назад

Уязвимость службы Windows User Profile Service (ProfSvc) операционных систем Windows, позволяющая нарушителю повысить свои привилегии

BDU:2020-04888

CVSS3: 5.5

fstec

больше 4 лет назад

Уязвимость службы профилей пользователя Windows User Profile Service (ProfSvc) операционных систем Windows, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 65%

0.00507

Низкий

7.8 High

CVSS3

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-269