CVE-2020-1163
First published: Tue Jun 09 2020(Updated: )
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1170.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Defender | ||
| Windows 10 | ||
| Windows 10 | =1607 | |
| Windows 10 | =1709 | |
| Windows 10 | =1803 | |
| Windows 10 | =1809 | |
| Windows 10 | =1903 | |
| Windows 10 | =1909 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2016 | =1909 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Forefront Endpoint Protection 2010 | ||
| Microsoft Security Essentials | ||
| Microsoft System Center Endpoint Protection | =2012 | |
| Microsoft System Center Endpoint Protection | =2012-r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-1163?
CVE-2020-1163 is an elevation of privilege vulnerability in Windows Defender that leads to arbitrary file deletion on the system.
How does the vulnerability CVE-2020-1163 work?
To exploit the CVE-2020-1163 vulnerability, an attacker would first have to log on to the system.
What is the severity of CVE-2020-1163?
The severity rating of CVE-2020-1163 is high, with a CVSS score of 7.8.
Which software products are affected by CVE-2020-1163?
Microsoft Windows Defender, Microsoft Forefront Endpoint Protection 2010, Microsoft Security Essentials, and Microsoft System Center Endpoint Protection are affected by CVE-2020-1163.
Is Microsoft Windows 10 affected by CVE-2020-1163?
No, Microsoft Windows 10 is not vulnerable to CVE-2020-1163.
- agent/type
- agent/severity
- agent/author
- agent/references
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft defender
- canonical/windows 10
- version/windows 10/1607
- version/windows 10/1709
- version/windows 10/1803
- version/windows 10/1809
- version/windows 10/1903
- version/windows 10/1909
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows
- canonical/microsoft windows rt
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- version/microsoft windows server/r2-sp1
- version/microsoft windows server/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1803
- version/microsoft windows server 2016/1903
- version/microsoft windows server 2016/1909
- canonical/microsoft windows server 2019
- canonical/microsoft forefront endpoint protection 2010
- canonical/microsoft security essentials
- canonical/microsoft system center endpoint protection
- version/microsoft system center endpoint protection/2012
- version/microsoft system center endpoint protection/2012-r2