CVE-2020-16940
HIGHWindows - Privilege Escalation via User Profile Service Junction Point Handling
Title source: llmDescription
<p>An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.</p> <p>The security update addresses the vulnerability by correcting how the Windows User Profile Service handles junction points.</p>
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16940
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-1248/
Scores
CVSS v3
7.8
EPSS
0.0153
EPSS Percentile
71.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (20)
microsoft/windows_10
microsoft/windows_10
1607
microsoft/windows_10
1709
microsoft/windows_10
1803
microsoft/windows_10
1809
microsoft/windows_10
1903
microsoft/windows_10
1909
microsoft/windows_10
2004
microsoft/windows_7
microsoft/windows_8.1
... and 10 more
Published
Oct 16, 2020
Tracked Since
Feb 18, 2026