CVE-2020-16910

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)

Description: A security feature bypass issue exists due to Windows' failure to handle file creation permissions properly, potentially allowing an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location. To exploit this, an attacker could run a specially crafted application to bypass UEFI variable security in Windows. The issue could allow an attacker to elevate their privileges.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.