CVE-2020-0814

HIGH

Windows Installer - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0842, CVE-2020-0843.

Exploits (1)

inthewild

poc

https://github.com/klinix5/cve-2020-0814

View on inthewild

References (1)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0814

Scores

CVSS v3 7.8

EPSS 0.0062

EPSS Percentile 70.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (19)

microsoft/windows_10

microsoft/windows_10 1607

microsoft/windows_10 1709

microsoft/windows_10 1803

microsoft/windows_10 1809

microsoft/windows_10 1903

microsoft/windows_10 1909

microsoft/windows_7

microsoft/windows_8.1

microsoft/windows_rt_8.1

... and 9 more

Published Mar 12, 2020

Tracked Since Feb 18, 2026