CVE-2020-1302
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/06/2020
Last modified:
21/07/2021
Description
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1272, CVE-2020-1277, CVE-2020-1312.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* | ||
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* | ||
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* | ||
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page