CVE-2020-0638

HIGH KEV RANSOMWARE

Microsoft Windows 10 1709 - Symlink Following

Title source: rule

Description

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.

References (2)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0638

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0638

Scores

CVSS v3 7.8

EPSS 0.0148

EPSS Percentile 81.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-05-23

VulnCheck KEV 2022-03-24

InTheWild.io 2022-03-24

ENISA EUVD EUVD-2020-2132

Ransomware Use Confirmed

CWE

CWE-59

Status published

Products (9)

microsoft/windows_10_1709 (2 CPE variants)

microsoft/windows_10_1803 (2 CPE variants)

microsoft/windows_10_1809 (3 CPE variants)

microsoft/windows_10_1903 (3 CPE variants)

microsoft/windows_10_1909 (3 CPE variants)

microsoft/windows_server_1803

microsoft/windows_server_1903

microsoft/windows_server_1909

microsoft/windows_server_2019

Published Jan 14, 2020

KEV Added May 23, 2022

Tracked Since Feb 18, 2026