Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2020-1170

CWE-732Incorrect Permission AssignmentCWE-269Improper Privilege Management5 documents5 sources
Severity
7.8HIGH
EPSS
0.2%
top 63.76%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
42
Microsoft Microsoft Forefront Endpoint ProtectionMicrosoft Microsoft Security EssentialsMicrosoft Microsoft System Center+39 more
Timeline
PublishedJun 9
Latest updateMay 24

Description

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1163.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages42 packages

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-92hx-wh5h-gmwr: An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system2022-05-24
CVEList
CVE-2020-1170: An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system2020-06-09

💥Exploits & PoCs

1
Metasploit
CVE-2020-1170 Cloud Filter Arbitrary File Creation EOP

📋Vendor Advisories

1
Microsoft
Microsoft Windows Defender Elevation of Privilege Vulnerability2020-06-09
CVE-2020-1170 (HIGH CVSS 7.8) | An elevation of privilege vulnerabi | cvebase.io