CVE-2020-0787
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
CVSS
—
No CVSS
EPSS
42.5%
p99
KEV
YES
Jan 28, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Microsoft / Windows
Vulnerability
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Added to KEV
Jan 28, 2022
Remediate by
Jul 28, 2022
Known ransomware use
Yes
Summary description
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-0787