PT-2020-1915 · Microsoft · Windows+1

Published

2020-03-10

Updated

2021-07-21

CVE-2020-0810

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Visual Studio and Windows (affected versions not specified)

Description The issue is related to an elevation of privilege vulnerability in the Diagnostics Hub Standard Collector and the Visual Studio Standard Collector. This vulnerability allows an attacker to create files in arbitrary locations. To exploit this, an attacker must first log on to the system and then run a specially crafted application that could take control of the affected system. The vulnerability is addressed by preventing the Diagnostics Hub Standard Collector and the Visual Studio Standard Collector from creating files in arbitrary locations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2020-01192

CVE-2020-0810

Affected Products

Visual Studio

Windows

PT-2020-1915 · Microsoft · Windows+1

CVE-2020-0810

Weakness Enumeration

Related Identifiers

Affected Products

References · 6