CVE-2020-0984
HIGHMicrosoft AutoUpdate - Elevation of Privilege via Improper Update Validation
Title source: llmDescription
An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of Privilege Vulnerability'.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0984
Scores
CVSS v3
7.8
EPSS
0.0101
EPSS Percentile
58.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
microsoft/autoupdate
Published
Apr 15, 2020
Tracked Since
Feb 18, 2026