An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0638 | Patch Vendor Advisory |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0638 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Apr 2025, 16:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:*:* |
First Time |
Microsoft windows Server 1903
Microsoft windows 10 1809 Microsoft windows 10 1803 Microsoft windows 10 1909 Microsoft windows 10 1903 Microsoft windows 10 1709 Microsoft windows Server 1803 Microsoft windows Server 1909 |
07 Feb 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-59 |
21 Nov 2024, 04:53
Type | Values Removed | Values Added |
---|---|---|
References | () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0638 - Patch, Vendor Advisory |
Information
Published : 2020-01-14 23:15
Updated : 2025-04-08 16:00
NVD link : CVE-2020-0638
Mitre link : CVE-2020-0638
CVE.ORG link : CVE-2020-0638
JSON object : View
Products Affected
microsoft
- windows_10_1903
- windows_10_1803
- windows_server_1903
- windows_server_2019
- windows_10_1909
- windows_10_1809
- windows_10_1709
- windows_server_1803
- windows_server_1909
CWE