CVE-2020-1163 — Improper Privilege Management in Microsoft Forefront Endpoint Protection

CWE-269 — Improper Privilege Management4 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.2%

top 54.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

36

Microsoft Forefront Endpoint Protection Microsoft Security Essentials Microsoft System Center +33 more

Timeline

PublishedJun 9

Latest updateMay 24

Description

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1170.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages36 packages

▶CVEListV5microsoft/windows_defender_on_windows_7_for_32-bit_systemsService Pack 1

▶CVEListV5microsoft/windows_defender_on_windows_10_for_32-bit_systemsunspecified

▶CVEListV5microsoft/windows_defender_on_windows_8.1_for_32-bit_systemsunspecified

▶CVEListV5microsoft/windows_defender_on_windows_7_for_x64-based_systemsService Pack 1

▶CVEListV5microsoft/windows_defender_on_windows_10_for_x64-based_systemsunspecified

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

2

GHSA

GHSA-r3xg-94cc-pwx3: An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system↗2022-05-24

▶

CVEList

CVE-2020-1163: An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system↗2020-06-09

▶

📋Vendor Advisories

1

Microsoft

Microsoft Windows Defender Elevation of Privilege Vulnerability↗2020-06-09

▶

CVE-2020-1163 — Improper Privilege Management | cvebase