Main Vulnerability Database Vulnerabilities #VU26846

#VU26846 Permissions, Privileges, and Access Controls in Microsoft products - CVE-2020-1002

Published: April 14, 2020

Vulnerability identifier: #VU26846

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-1002

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Microsoft Forefront Endpoint Protection
Microsoft Security Essentials
Windows Defender

Software vendor:
Microsoft

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the MpSigStub.exe for Defender allows file deletion in arbitrary locations. A local user can run a specially crafted command and delete protected files on an affected system once MpSigStub.exe ran again.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1002

#VU26846 Permissions, Privileges, and Access Controls in Microsoft products - CVE-2020-1002

Description

Remediation

External links

Please verify you're human