Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-16936: Windows Backup Service Elevation of Privilege Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2020-16936: Windows Backup Service Elevation of Privilege Vulnerability

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

10/13/2020

Created

10/14/2020

Added

10/13/2020

Modified

11/18/2021

Description

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.

Solution(s)

msft-kb4577668-79a95e38-d1bc-434b-8a49-eb0e05941333
msft-kb4577668-965a8ede-1eb7-46d6-83a6-7246ea98aae0
msft-kb4577668-b815915f-3e4f-46ae-adc9-b90cd4b04100
msft-kb4577671-4bc3ccc3-fcb0-4bbd-a2a5-cbbd40369d41
msft-kb4577671-60a68333-26ce-47b6-9254-89d69caedfdf
msft-kb4577671-a4f7dcc3-65f1-4a75-8635-ea596100c299
msft-kb4577671-c4223a46-1f35-41d8-ac8e-d2772d017f90
msft-kb4577671-c42dc613-fb5b-4c45-925c-4f508584a635
msft-kb4577671-ddbf4c81-6ca7-4986-999e-9275ef508017
msft-kb4579311-d5cbc800-cb34-49c3-bde8-aa2f0ee05b2e
msft-kb4579311-e9f0550d-b150-4eeb-bf5e-1a08b117e7af
msft-kb4579311-fa30a6bc-24ef-47b0-a6fa-d7971053e058
msft-kb4580327-b12a0c5e-6811-4f83-aa52-963c9a1b7122
msft-kb4580327-b4113e8c-1aae-4018-b2a1-765dd1bcd9d2
msft-kb4580328-ebb00bd7-bff6-4567-8b7c-300728513137
msft-kb4580328-f01aa891-eec2-4390-9974-dc226f4d6bf4
msft-kb4580330-c2c988c8-cbbe-4a10-a26f-365b656443f3
msft-kb4580330-fc2b1c51-dad6-4170-ba4d-85c43ed047d1
msft-kb4580346-9b324858-4775-435e-b63f-a21d81976473
msft-kb4580346-a33fefeb-b078-4cde-b9b9-f3473007bef2
msft-kb4580346-d0112564-f9f1-4bc0-a077-6510a9918638
msft-kb4580387-08d6fc97-597d-4b5b-8422-f4b57817b1c1
msft-kb4580387-1473a3e5-0aa3-43a1-b213-cf3151e2c15e
msft-kb4580387-5cef288f-a4e4-4cb7-86e0-ef3c89b43ced
msft-kb4580387-e92e01a4-761c-41f6-a9f6-5853bb7885c9
msft-kb4580387-fc890b9e-e1d1-43af-b7f8-d42201cd24aa

References

https://attackerkb.com/topics/cve-2020-16936
CVE - 2020-16936
4577668
4577671
4579311
4580327
4580328
4580330
4580345
4580346
4580387

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-16936: Windows Backup Service Elevation of Privilege Vulnerability

Microsoft CVE-2020-16936: Windows Backup Service Elevation of Privilege Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.