CVE-2020-0798

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:54

Type Values Removed Values Added
References () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0798 - Patch, Vendor Advisory () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0798 - Patch, Vendor Advisory

Information

Published : 2020-03-12 16:15

Updated : 2024-11-21 04:54


NVD link : CVE-2020-0798

Mitre link : CVE-2020-0798

CVE.ORG link : CVE-2020-0798


JSON object : View

Products Affected

microsoft

  • windows_server_2019
  • windows_10
  • windows_server_2016