CVE-2020-0638 — Vulnetix

Try Vulnetix Request Demo

CVE-2020-0638 PUBLISHED KEV CVSS 4.599999904632568 MEDIUM

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.

EPSS 1.66% · 81.9th percentile

Risk Scores

CVSS v2.0

4.599999904632568

EPSS Score

1.66%

81.9th percentile

Affected Products

Vendor	Product	Versions
microsoft	windows_10_1709
Microsoft	Windows 10 Version 1903 for x64-based Systems	unspecified
Microsoft	Windows 10 Version 1909 for ARM64-based Systems	unspecified
microsoft	windows_10_1903
Microsoft	Windows 10 Version 1909 for 32-bit Systems	unspecified
microsoft	windows_server_2019
Microsoft	Windows 10 Version 1903 for 32-bit Systems	unspecified
microsoft	windows_server_1803
microsoft	windows_server_1909
Microsoft	Windows 10 Version 1903 for ARM64-based Systems	unspecified
Microsoft	Windows 10 Version 1909 for x64-based Systems	unspecified
Microsoft	Windows Server	version 1803 (Core Installation), 2019, 2019 (Core installation)
microsoft	windows_10_1803
microsoft	windows_10_1809
Microsoft	Windows Server, version 1909 (Server Core installation)	unspecified
microsoft	windows_server_1903
Microsoft	Windows Server, version 1903 (Server Core installation)	unspecified
Microsoft	Windows	10 Version 1709 for ARM64-based Systems, 10 Version 1803 for x64-based Systems, 10 Version 1803 for 32-bit Systems
microsoft	windows_10_1909

Timeline

May 23, 2014 PoC Published
Jan 14, 2020 CVE Published
Jan 21, 2020 PoC Published
Jun 26, 2020 PoC Published
Apr 14, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 23, 2022 CISA KEV Added
Jun 29, 2022 EPSS Score

References

Open in Interactive Console →