← Retour aux CVEs
CVE-2020-1590
MEDIUM6.6
Description
<p>An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.</p> <p>To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service handles file operations.</p>
Details CVE
Score CVSS v3.16.6
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie9/11/2020
Derniere modification2/23/2026
Sourcenvd
Observations honeypot0
Produits affectes
microsoft:windows_10microsoft:windows_server_2016microsoft:windows_server_2019
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1590(secure@microsoft.com)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1590(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.