Lucene search
MicrosoftCVE-2020-1204HistoryJun 09, 2020 - 8:15 p.m.
CVE-2020-1204
2020-06-0920:15:13
microsoft
web.nvd.nist.gov
77
cve-2020-1204
elevation of privilege
windows
mobile device management
mdm
diagnostics
vulnerability
nvd
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
9.5%
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka âWindows Mobile Device Management Diagnostics Elevation of Privilege Vulnerabilityâ.
Affected configurations
Node
microsoftwindows_10Match1809
ORmicrosoftwindows_10Match1903
ORmicrosoftwindows_10Match1909
ORmicrosoftwindows_10Match2004
ORmicrosoftwindows_server_2016Match1903
ORmicrosoftwindows_server_2016Match1909
ORmicrosoftwindows_server_2016Match2004
ORmicrosoftwindows_server_2019Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10 | 1809 | cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1903 | cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1909 | cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:* |
| microsoft | windows_10 | 2004 | cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1903 | cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1909 | cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 2004 | cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | - | cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Windows 10 Version 2004 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 2004 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for ARM64-based Systems"
}
]
},
{
"product": "Windows Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2019"
},
{
"status": "affected",
"version": "2019 (Core installation)"
}
]
},
{
"product": "Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1909 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 2004 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 2004 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]Related
prion
prion
Privilege escalation
2020-06-09 20:15:00
cvelist
cvelist
CVE-2020-1204
2020-06-09 19:43:23
mscve
mscve
nvd
nvd
CVE-2020-1204
2020-06-09 20:15:13
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4561608)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4560960)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4557957)
2020-06-10 00:00:00
kaspersky
kaspersky
KLA11807 Multiple vulnerabilities in Microsoft Windows
2020-06-09 00:00:00
nessus
nessus
mskb
mskb
June 9, 2020âKB4557957 (OS Build 19041.329)
2020-06-09 07:00:00
June 9, 2020âKB4561608 (OS Build 17763.1282)
2020-06-09 07:00:00
June 9, 2020âKB4560960 (OS Builds 18362.900 and 18363.900) - EXPIRED
2020-06-17 07:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2020: The Bleeding Ghost of SMB
2020-06-23 01:31:46
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
9.5%
Related for CVE-2020-1204