CVE-2020-0793

4 documents4 sources
Severity
7.8HIGH
EPSS
0.4%
top 41.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
17
Microsoft Visual Studio 2017Microsoft Visual Studio 2019Microsoft Microsoft Visual Studio+14 more
Timeline
PublishedMar 12
Latest updateMay 24

Description

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages17 packages

NVDmicrosoft/visual_studio_201715.115.9
NVDmicrosoft/visual_studio_201916.016.4
CVEListV5microsoft/windows13 versions+12
NVDmicrosoft/windows1803, 1903, 1909+2
NVDmicrosoft/windows_106 versions+5

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-cp8g-495j-p236: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostic2022-05-24
CVEList
CVE-2020-0793: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostic2020-03-12

📋Vendor Advisories

1
Microsoft
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability2020-03-10
CVE-2020-0793 (HIGH CVSS 7.8) | An elevation of privilege vulnerabi | cvebase.io