CVE-2020-16960

EUVD-2020-8918
Windows Backup Engine Elevation of Privilege Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
7.8 HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_7
-
microsoftwindows_server_2016
-
microsoftwindows_server_2019
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4592464
1607 (x64, x86)
KB4593226
1803 (arm64, x64, x86)
KB4592446
1809 (arm64, x64, x86)
KB4592440
1903 (arm64, x64, x86)
KB4592449
1909 (arm64, x64, x86)
KB4592449
2004 (arm64, x64, x86)
KB4592438
20H2 (arm64, x86)
KB4592438
Windows 7
Service Pack 1 (x64, x86)
KB4592503
Windows Server
1903 Server Core
KB4592449
1909 Server Core
KB4592449
2004 Server Core
KB4592438
20H2 Server Core
KB4592438
Windows Server 2008 R2
Service Pack 1 (x64)
KB4592503
Service Pack 1 Server Core (x64)
KB4592503
Windows Server 2016
Server Core
KB4593226
Standard
KB4593226
Windows Server 2019
Server Core
KB4592440
Standard
KB4592440
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-16960
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16960