VYPR
Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Nov 15, 2024

Windows Setup Elevation of Privilege Vulnerability

CVE-2020-16908

Description

An elevation of privilege vulnerability exists in Windows Setup in the way it handles directories. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by ensuring Windows Setup properly handles directories.

Affected products

8
  • Microsoft/Windowsllm-create
  • Microsoft/Windows 10 Version 1803v5
    Range: N/A
  • Range: N/A
  • Microsoft/Windows 10 Version 1903 for 32-bit Systemsv5
    Range: N/A
  • Microsoft/Windows 10 Version 1903 for ARM64-based Systemsv5
    Range: N/A
  • Microsoft/Windows 10 Version 1903 for x64-based Systemsv5
    Range: N/A
  • Range: N/A
  • Microsoft/Windows 10 Version 2004v5
    Range: N/A

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.