CVE-2020-16939

HIGH

Windows Group Policy - Elevation of Privilege via Improper Access Check


Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-16939. PoCs published by rogue-kdc.

AI-analyzed exploit summary: This repository contains a proof-of-concept exploit for CVE-2020-16939, which involves a folder takeover vulnerability. The code demonstrates how to manipulate file locks and privileges to exploit the vulnerability.

Description

An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.

The security update addresses the vulnerability by correcting how Group Policy checks access.

Exploits (1)

nomisec WORKING POC 12 stars
by rogue-kdc · poc
https://github.com/rogue-kdc/CVE-2020-16939

Classification: Working PoC 90%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Windows (specific version not specified)
No auth needed
Prerequisites: Access to the target system · Ability to execute arbitrary code
devstral-2 · analyzed Feb 16, 2026

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-1254/

Scores

CVSS v3 7.8
EPSS 0.0242
EPSS Percentile 82.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-59
Status: published
Products (20)
microsoft/windows_10
microsoft/windows_10 1607
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_10 1903
microsoft/windows_10 1909
microsoft/windows_10 2004
microsoft/windows_7
microsoft/windows_8.1
... and 10 more
Published Oct 16, 2020
Tracked Since Feb 18, 2026