← back
CVE-2020-0787

CVE-2020-0787

CVSS 7.8 HIGHEPSS 42.5%● KEVCWE-59
In short

Windows BITS service fails to properly handle symbolic links, allowing an attacker with local access to escalate their privileges to system level. This is dangerous because it lets a regular user gain administrative control of the computer.

Technical detail

A local privilege escalation vulnerability in Windows BITS stems from improper symbolic link validation. An authenticated local attacker can exploit this by creating malicious symbolic links that BITS processes with elevated privileges, leading to arbitrary code execution in the SYSTEM context.

Summary generated and translated by AI from the official description.
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Microsoft · WindowsMicrosoft · Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Windows 10 Version 1903 for x64-based SystemsMicrosoft · Windows 10 Version 1909 for 32-bit SystemsMicrosoft · Windows 10 Version 1909 for ARM64-based SystemsMicrosoft · Windows 10 Version 1909 for x64-based SystemsMicrosoft · Windows ServerMicrosoft · Windows Server, version 1903 (Server Core installation)Microsoft · Windows Server, version 1909 (Server Core installation)
public PoCs found5
githubgithub.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION721githubgithub.com/yanghaoi/CVE-2020-078734githubgithub.com/MasterSploit/CVE-2020-07870githubgithub.com/MasterSploit/CVE-2020-0787-BitsArbitraryFileMove-master0cve_referencepacketstormsecurity.com/files/158056/Background-Intelligent-Transfer-Service-Privilege-Escalation.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/158056/Background-Intelligent-Transfer-Service-Privilege-Escalation.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0787https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0787