CVE-2020-1170

Published: 09/06/2020 Updated: 21/07/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

An elevation of privilege vulnerability exists in Windows Defender that leads to arbitrary file deletion on the system. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1163.

Vulnerable Product

microsoft windows_defender -

microsoft forefront endpoint protection 2010 -

microsoft security essentials -

microsoft system center endpoint protection 2012

Exploits

This Metasploit module exploits a vulnerability in cldflt.sys. The Cloud Filter driver on Windows 10 v1803 and later, prior to the December 2020 updates, did not set the IO_FORCE_ACCESS_CHECK or OBJ_FORCE_ACCESS_CHECK flags when calling FltCreateFileEx() and FltCreateFileEx2() within its HsmpOpCreatePlaceholders() function with attacker controlled ...

Github Repositories

Delete2SYSTEM: Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM

Short Description: I just combined @jonasLyk's technique secret.club/2020/04/23/directory-deletion-shell.html and one of the techniques from this article 0x00sec.org/t/windows-defender-av-zero-day-vulnerability/22258 which uses Windows Media Player (service and fold