CVE-2020-16955
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
<p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges.</p>
<p>To exploit this vulnerability, an attacker would need to convince a user to open a specially crafted file.</p>
<p>The security update addresses the vulnerability by correcting how Microsoft Office Click-to-Run (C2R) components handle these files.</p>
Se presenta una vulnerabilidad de escalada de privilegios en la manera que Microsoft Office Click-to-Run (C2R) AppVLP maneja determinados archivos, tambiĆ©n se conoce como "Microsoft Office Click-to-Run Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-16928, CVE-2020-16934
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2020-08-04 CVE Reserved
- 2020-10-16 CVE Published
- 2024-02-19 EPSS Updated
- 2024-11-15 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16955 | 2023-12-31 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | 365 Apps Search vendor "Microsoft" for product "365 Apps" | - | enterprise |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2013 Search vendor "Microsoft" for product "Office" and version "2013" | click-to-run |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2019 Search vendor "Microsoft" for product "Office" and version "2019" | - |
Affected
|