CVE-2020-0697

Name of the Vulnerable Software and Affected Versions Microsoft Office (affected versions not specified)

Description The issue is related to insecure privilege management in the OLicenseHeartbeat task of Microsoft Office. An attacker who successfully exploits this could run the task as SYSTEM, potentially allowing them to elevate their privileges. To exploit the issue, an authenticated attacker would need to place a specially crafted file in a specific location, which could lead to arbitrary file corruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.