An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16902 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-10-16 16:15
Updated : 2020-10-27 11:22
NVD link : CVE-2020-16902
Mitre link : CVE-2020-16902
JSON object : View
CWE
CWE-269
Improper Privilege Management
Products Affected
microsoft
- windows_7
- windows_server_2016
- windows_rt_8.1
- windows_server_2019
- windows_8.1
- windows_10
- windows_server_2008
- windows_server_2012