| |
Vulnerability CVE-2020-0638
Published: 2020-01-14 Modified: 2020-01-15
Description: |
An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'. |
Type:
CWE-269 (Improper Privilege Management)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.6/10 |
6.4/10 |
3.9/10 |
Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0638
|
|
|
Copyright 2024, cxsecurity.com
|
|
|