vulnerability

Microsoft Windows: CVE-2020-16972: Windows Backup Service Elevation of Privilege Vulnerability

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Oct 13, 2020

Added

Oct 13, 2020

Modified

Sep 5, 2025

Description

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976.

Solutions

microsoft-windows-windows_10-1507-kb4580327microsoft-windows-windows_10-1607-kb4580346microsoft-windows-windows_10-1709-kb4580328microsoft-windows-windows_10-1803-kb4580330microsoft-windows-windows_10-1809-kb4577668microsoft-windows-windows_10-1903-kb4577671microsoft-windows-windows_10-1909-kb4577671microsoft-windows-windows_10-2004-kb4579311microsoft-windows-windows_server_2016-1607-kb4580346microsoft-windows-windows_server_2019-1809-kb4577668msft-kb4577671-c42dc613-fb5b-4c45-925c-4f508584a635msft-kb4577671-ddbf4c81-6ca7-4986-999e-9275ef508017msft-kb4579311-e9f0550d-b150-4eeb-bf5e-1a08b117e7afmsft-kb4580387-08d6fc97-597d-4b5b-8422-f4b57817b1c1msft-kb4580387-1473a3e5-0aa3-43a1-b213-cf3151e2c15emsft-kb4580387-5cef288f-a4e4-4cb7-86e0-ef3c89b43cedmsft-kb4580387-e92e01a4-761c-41f6-a9f6-5853bb7885c9msft-kb4580387-fc890b9e-e1d1-43af-b7f8-d42201cd24aa

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report