← back
CVE-2020-1313

CVE-2020-1313

EPSS 40.0%
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'.
Affected products
Microsoft · Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Windows 10 Version 1903 for x64-based SystemsMicrosoft · Windows 10 Version 1909 for 32-bit SystemsMicrosoft · Windows 10 Version 1909 for ARM64-based SystemsMicrosoft · Windows 10 Version 1909 for x64-based SystemsMicrosoft · Windows 10 Version 2004 for 32-bit SystemsMicrosoft · Windows 10 Version 2004 for ARM64-based SystemsMicrosoft · Windows 10 Version 2004 for x64-based SystemsMicrosoft · Windows Server, version 1903 (Server Core installation)Microsoft · Windows Server, version 1909 (Server Core installation)Microsoft · Windows Server, version 2004 (Server Core installation)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/159305/Microsoft-Windows-Update-Orchestrator-Unchecked-ScheduleWork-Call.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1313