VYPR
Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Nov 18, 2024

Windows Elevation of Privilege Vulnerability

CVE-2020-16877

Description

An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and overwrite or delete files. The security update addresses the vulnerability by correcting how Windows handles reparse points.

Affected products

4
  • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Range: 10.0.0
  • cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*range: 10.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.