Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-1010: Microsoft Windows Elevation of Privilege Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2020-1010: Microsoft Windows Elevation of Privilege Vulnerability

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

05/12/2020

Created

05/13/2020

Added

06/09/2020

Modified

11/18/2021

Description

An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how the Windows Block Level Backup Engine Service handles file operations.

Solution(s)

msft-kb4551853-1d25cfb0-31f1-48b4-ac45-99d819a32ab7
msft-kb4551853-cce9dd88-2595-4168-a0ae-814612863f2b
msft-kb4551853-d8c58f30-4d7d-4aff-9e93-6ff2ae128f13
msft-kb4556799-0f2d06b0-3738-472e-8275-991c5394c2f1
msft-kb4556799-2e69bf96-184c-46b9-8937-306e23bdb930
msft-kb4556799-7f570c23-239e-430c-b403-391861eae9a3
msft-kb4556799-80497d7a-0a69-4f9e-805d-a8fa302967a6
msft-kb4556799-92289747-4a2a-48fa-9fa7-307f2f5dbcaf
msft-kb4556799-94cb3319-c037-4529-8187-81eaa6eaa6cd
msft-kb4556807-667b6b79-dad1-4ca7-9e1b-316c1ab3b620
msft-kb4556807-cc1b2352-a313-434e-97d9-4d5af44ebe22
msft-kb4556812-5bb8e7e7-a95f-4bb7-b741-1060639b133d
msft-kb4556812-9210cc51-b6e2-4474-999e-1b1a1de3d6dd
msft-kb4556813-74a79eb6-46b3-4013-a548-1c6eb7b716c4
msft-kb4556813-c1e8e102-1514-4e96-92fa-7175ddced36f
msft-kb4556813-dd423833-a95c-426e-8eb1-8105e698d2c2
msft-kb4556826-94eb3f6f-5f0d-47b5-ae9e-e54868948f5e
msft-kb4556826-ef24f377-fa00-4a2f-9e3c-b1b284b77d0d
msft-kb4556843-18ba7a1f-f3d5-4939-83fa-64f96dd1eeef
msft-kb4556843-9814f135-936f-4ad1-aed5-17b04b171ad3
msft-kb4556843-a42409fa-d080-4ad0-87a2-e8f2720c3106
msft-kb4556843-f8a7bc32-9e4e-487d-84fa-6a54b2bf9b18
msft-kb4556843-f9c55547-ccbd-43a7-879f-ba43e8f87a26
msft-kb4556852-b1ad1cae-3e60-45f4-807e-20d602effdc7
msft-kb4556852-bafbf596-126b-428b-83ba-d33145682d3f
msft-kb4556852-db559421-c2a0-4db9-8f01-d0095d20dd9f
msft-kb4556853-07792524-02fb-46c4-9236-53e7d03fa3cf
msft-kb4556853-e37bb647-80a1-4ec3-8908-fbe83547cafe
msft-kb4556853-fed44027-6e0b-43e8-a358-788e4b27879f

References

https://attackerkb.com/topics/cve-2020-1010
CVE - 2020-1010
4551853
4556799
4556807
4556812
4556813
4556826
4556836
4556840
4556843
4556846
4556852
4556853

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-1010: Microsoft Windows Elevation of Privilege Vulnerability

Microsoft CVE-2020-1010: Microsoft Windows Elevation of Privilege Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.