CVE-2020-1002
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
Published at
2020-04-15T15:15Z
1475 days ago
Modified
2021-09-09T13:33Z
963 days ago
NVD-CWE-noinfo
Problem type
Impact
- CVSS v3 vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Severity Score Vector
7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HReferences
URL | Type |
---|---|
N/A https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1002 | N/A |
GET https://vulnerabilitydata.com/api/details/CVE-2020-1002
{ "id": "CVE-2020-1002", "published_date": "2020-04-15T15:15Z", "last_modified_date": "2021-09-09T13:33Z", "assigner": "secure@microsoft.com", "description": "An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.", "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1002", "name": "N/A", "refsource": "N/A", "tags": [ "Patch", "Vendor Advisory" ] } ], "impact": { "baseMetricV3": { "cvssV3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.2 }, "baseMetricV2": { "cvssV2": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 6.6 }, "severity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 9.2, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } }, "problem_type": "NVD-CWE-noinfo" }