Lucene search

[email protected]NVD:CVE-2020-0814

HistoryMar 12, 2020 - 4:15 p.m.

CVE-2020-0814

2020-03-1216:15:16

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

29.2%

JSON

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka ‘Windows Installer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0842, CVE-2020-0843.

Affected configurations

NVD

Node

microsoftwindows_10Match-

microsoftwindows_10Match1607

microsoftwindows_10Match1709

microsoftwindows_10Match1803

microsoftwindows_10Match1809

microsoftwindows_10Match1903

microsoftwindows_10Match1909

microsoftwindows_7Match-sp1

microsoftwindows_8.1Match-

microsoftwindows_rt_8.1Match-

microsoftwindows_server_2008Match-sp2

microsoftwindows_server_2008Matchr2sp1x64

microsoftwindows_server_2008Matchr2sp1itanium

microsoftwindows_server_2012Match-

microsoftwindows_server_2012Matchr2

microsoftwindows_server_2016Match-

microsoftwindows_server_2016Match1803

microsoftwindows_server_2016Match1903

microsoftwindows_server_2016Match1909

microsoftwindows_server_2019Match-

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0814

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

29.2%

JSON

Related for NVD:CVE-2020-0814

prion5 cve5 cvelist5 nvd4 mscve5 mskb14 nessus10 attackerkb1 kaspersky2 openvas8