CVE-2020-0984

HIGH

Microsoft AutoUpdate - Elevation of Privilege via Improper Update Validation

Title source: llm
STIX 2.1

Description

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of Privilege Vulnerability'.

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0101
EPSS Percentile 58.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
microsoft/autoupdate
Published Apr 15, 2020
Tracked Since Feb 18, 2026