Lucene search

K
cve[email protected]CVE-2020-1002
HistoryApr 15, 2020 - 3:15 p.m.

CVE-2020-1002

2020-04-1515:15:20
web.nvd.nist.gov
140
cve-2020-1002
elevation privilege
mpsigstub.exe
file deletion
microsoft defender

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.1 High

AI Score

Confidence

High

6.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

9.5%

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka ‘Microsoft Defender Elevation of Privilege Vulnerability’.

Affected configurations

Vulners
NVD
Node
microsoftforefront_endpoint_protection
OR
microsoftsystem_center_configuration_manager
OR
microsoftsystem_center_configuration_manager
OR
microsoftsystem_center_configuration_manager
OR
microsoftsecurity_essentials
OR
microsoftwindows_defender_on_windows_10_1909 for 32-bit systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1909 for x64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1909 for arm64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_server,_version_1909Matchunspecified
OR
microsoftwindows_defender_on_windows_10_1803 for 32-bit systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1803 for x64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_server,_1803 (server core installation)Matchunspecified
OR
microsoftwindows_defender_on_windows_10_1803 for arm64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1809 for 32-bit systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1809 for x64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1809 for arm64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_server_2019Matchunspecified
OR
microsoftwindows_server_2019
OR
microsoftwindows_defender_on_windows_10_1709 for 32-bit systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1709 for x64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1709 for arm64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1903 for 32-bit systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1903 for x64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1903 for arm64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_server,_version_1903Matchunspecified
OR
microsoftwindows_defender
OR
microsoftwindows_defender
OR
microsoftwindows_defender_on_windows_10_1607 for 32-bit systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_10_1607 for x64-based systemsMatchunspecified
OR
microsoftwindows_defender_on_windows_server_2016Matchunspecified
OR
microsoftwindows_server_2016
OR
microsoftwindows_defender
OR
microsoftwindows_defender
OR
microsoftwindows_8.1
OR
microsoftwindows_8.1
OR
microsoftwindows_defender_on_windows_rt_8.1Matchunspecified
OR
microsoftwindows_server_2008
OR
microsoftwindows_server_2008
OR
microsoftwindows_server_2008
OR
microsoftwindows_server_2008
OR
microsoftwindows_server_2008
OR
microsoftwindows_server_2008
OR
microsoftwindows_defender_on_windows_server_2012Matchunspecified
OR
microsoftwindows_defender_on_windows_server_2012Matchunspecified
OR
microsoftwindows_defender_on_windows_server_2012_r2Matchunspecified
OR
microsoftwindows_defender_on_windows_server_2012_r2Matchunspecified
VendorProductVersionCPE
microsoftforefront_endpoint_protection*cpe:2.3:a:microsoft:forefront_endpoint_protection:*:*:*:*:*:*:*:*
microsoftsystem_center_configuration_manager*cpe:2.3:a:microsoft:system_center_configuration_manager:*:*:*:*:*:*:*:*
microsoftsystem_center_configuration_manager*cpe:2.3:a:microsoft:system_center_configuration_manager:*:*:*:*:*:*:*:*
microsoftsystem_center_configuration_manager*cpe:2.3:a:microsoft:system_center_configuration_manager:*:*:*:*:*:*:*:*
microsoftsecurity_essentials*cpe:2.3:a:microsoft:security_essentials:*:*:*:*:*:*:*:*
microsoftwindows_defender_on_windows_10_1909 for 32-bit systemsunspecifiedcpe:2.3:o:microsoft:windows_defender_on_windows_10_1909 for 32-bit systems:unspecified:*:*:*:*:*:*:*
microsoftwindows_defender_on_windows_10_1909 for x64-based systemsunspecifiedcpe:2.3:o:microsoft:windows_defender_on_windows_10_1909 for x64-based systems:unspecified:*:*:*:*:*:*:*
microsoftwindows_defender_on_windows_10_1909 for arm64-based systemsunspecifiedcpe:2.3:o:microsoft:windows_defender_on_windows_10_1909 for arm64-based systems:unspecified:*:*:*:*:*:*:*
microsoftwindows_defender_on_windows_server,_version_1909unspecifiedcpe:2.3:o:microsoft:windows_defender_on_windows_server,_version_1909:unspecified:*:*:*:*:*:*:*
microsoftwindows_defender_on_windows_10_1803 for 32-bit systemsunspecifiedcpe:2.3:o:microsoft:windows_defender_on_windows_10_1803 for 32-bit systems:unspecified:*:*:*:*:*:*:*
Rows per page:
1-10 of 461

CNA Affected

[
  {
    "product": "Microsoft Forefront Endpoint Protection",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2010"
      }
    ]
  },
  {
    "product": "Microsoft System Center",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Endpoint Protection"
      },
      {
        "status": "affected",
        "version": "2012 R2 Endpoint Protection"
      },
      {
        "status": "affected",
        "version": "2012 Endpoint Protection"
      }
    ]
  },
  {
    "product": "Microsoft Security Essentials",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1909 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1909 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1909 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server, version 1909 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1803 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1803 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server, version 1803  (Server Core Installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1803 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1809 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1809 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1809 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2019",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2019  (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1709 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1709 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1709 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1903 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1903 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1903 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server, version 1903 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1607 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 10 Version 1607 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2016",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2016  (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 7 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 1"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 7 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 1"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 8.1 for 32-bit systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows 8.1 for x64-based systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows RT 8.1",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2008 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 2"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2008 for 32-bit Systems (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 2"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2008 for Itanium-Based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 2"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2008 R2 for Itanium-Based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 1"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2008 R2 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 1"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2008 R2 for x64-based Systems (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Service Pack 1"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2012",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2012 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2012 R2",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Defender on Windows Server 2012 R2 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  }
]

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.1 High

AI Score

Confidence

High

6.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

9.5%