An elevation of privilege vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1011, CVE-2020-1015.
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Windows_10 | Microsoft | - | - |
| Windows_10 | Microsoft | 1607 | 1607 |
| Windows_10 | Microsoft | 1709 | 1709 |
| Windows_10 | Microsoft | 1803 | 1803 |
| Windows_10 | Microsoft | 1809 | 1809 |
| Windows_10 | Microsoft | 1903 | 1903 |
| Windows_10 | Microsoft | 1909 | 1909 |
| Windows_7 | Microsoft | - | - |
| Windows_8.1 | Microsoft | - | - |
| Windows_rt_8.1 | Microsoft | - | - |
| Windows_server_2008 | Microsoft | - | - |
| Windows_server_2008 | Microsoft | r2 | r2 |
| Windows_server_2012 | Microsoft | r2 | r2 |
| Windows_server_2008 | Microsoft | r2 | r2 |
| Windows_server_2016 | Microsoft | - | - |
| Windows_server_2012 | Microsoft | - | - |
| Windows_server_2016 | Microsoft | 1803 | 1803 |
| Windows_server_2019 | Microsoft | - | - |
| Windows_server_2016 | Microsoft | 1903 | 1903 |
| Windows_server_2016 | Microsoft | 1909 | 1909 |