CVE-2020-16939

HIGH

Microsoft Windows 10 - Symlink Following

Title source: rule

Description

An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.

The security update addresses the vulnerability by correcting how Group Policy checks access.

Exploits (2)

nomisec WORKING POC 12 stars
by rogue-kdc · poc
https://github.com/rogue-kdc/CVE-2020-16939

Scores

CVSS v3 7.8
EPSS 0.2089
EPSS Percentile 95.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-59
Status published

Affected Products (20)

microsoft/windows_10
microsoft/windows_10
microsoft/windows_10
microsoft/windows_10
microsoft/windows_10
microsoft/windows_10
microsoft/windows_10
microsoft/windows_10
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2012
microsoft/windows_server_2012
... and 5 more

Timeline

Published Oct 16, 2020
Tracked Since Feb 18, 2026