CVE-2020-1163
First published: Tue Jun 09 2020(Updated: )
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1170.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Defender | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2008 | =sp2 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2016 | =1909 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Forefront Endpoint Protection 2010 | ||
| Microsoft Security Essentials | ||
| Microsoft System Center Endpoint Protection | =2012 | |
| Microsoft System Center Endpoint Protection | =2012-r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-1163?
CVE-2020-1163 is an elevation of privilege vulnerability in Windows Defender that leads to arbitrary file deletion on the system.
How does the vulnerability CVE-2020-1163 work?
To exploit the CVE-2020-1163 vulnerability, an attacker would first have to log on to the system.
What is the severity of CVE-2020-1163?
The severity rating of CVE-2020-1163 is high, with a CVSS score of 7.8.
Which software products are affected by CVE-2020-1163?
Microsoft Windows Defender, Microsoft Forefront Endpoint Protection 2010, Microsoft Security Essentials, and Microsoft System Center Endpoint Protection are affected by CVE-2020-1163.
Is Microsoft Windows 10 affected by CVE-2020-1163?
No, Microsoft Windows 10 is not vulnerable to CVE-2020-1163.
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows defender
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- version/microsoft windows 10/1809
- version/microsoft windows 10/1903
- version/microsoft windows 10/1909
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/sp2
- version/microsoft windows server 2008/r2-sp1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1803
- version/microsoft windows server 2016/1903
- version/microsoft windows server 2016/1909
- canonical/microsoft windows server 2019
- canonical/microsoft forefront endpoint protection 2010
- canonical/microsoft security essentials
- canonical/microsoft system center endpoint protection
- version/microsoft system center endpoint protection/2012
- version/microsoft system center endpoint protection/2012-r2