Published: 09/06/2020 Updated: 16/06/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Microsoft Update Orchestrator Service could allow a local authenticated malicious user to gain elevated privileges on the system, caused by improper handling of file operations by the Windows Update Orchestrator Service. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftWindows 101903, 1909, 2004
MicrosoftWindows Server 20161903, 1909, 2004