CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-0638

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.071

EPSS Ranking 91.0%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

Proposed Action

Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation.

Ransomware Campaign

Known

References

Products affected by CVE-2020-0638

Microsoft » Windows 10 1709 » Version: N/A

cpe:2.3:o:microsoft:windows_10_1709:-
Microsoft » Windows 10 1803 » Version: N/A

cpe:2.3:o:microsoft:windows_10_1803:-
Microsoft » Windows 10 1809 » Version: N/A

cpe:2.3:o:microsoft:windows_10_1809:-
Microsoft » Windows 10 1903 » Version: N/A

cpe:2.3:o:microsoft:windows_10_1903:-
Microsoft » Windows 10 1909 » Version: N/A

cpe:2.3:o:microsoft:windows_10_1909:-
Microsoft » Windows Server 1803 » Version: N/A

cpe:2.3:o:microsoft:windows_server_1803:-
Microsoft » Windows Server 1903 » Version: N/A

cpe:2.3:o:microsoft:windows_server_1903:-
Microsoft » Windows Server 1909 » Version: N/A

cpe:2.3:o:microsoft:windows_server_1909:-
Microsoft » Windows Server 2019 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2019:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-0638

Products

Pricing

Contact Us