Multiple vulnerabilities in Microsoft Windows Backup Engine
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2020-16958 CVE-2020-16959 CVE-2020-16960 CVE-2020-16961 CVE-2020-16962 CVE-2020-16963 CVE-2020-16964 |
| CWE-ID | CWE-264 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU48829
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-16958
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Backup Engine, which leads to security restrictions bypass and privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 R2 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1803:10.0.17134.48:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16958
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU48835
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-16959
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Backup Engine, which leads to security restrictions bypass and privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 R2 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1803:10.0.17134.48:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16959
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU48834
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-16960
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Backup Engine, which leads to security restrictions bypass and privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 R2 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1803:10.0.17134.48:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16960
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU48833
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-16961
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Backup Engine, which leads to security restrictions bypass and privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 R2 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1803:10.0.17134.48:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16961
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU48832
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-16962
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Backup Engine, which leads to security restrictions bypass and privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 R2 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1803:10.0.17134.48:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16962
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU48831
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-16963
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Backup Engine, which leads to security restrictions bypass and privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 R2 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1803:10.0.17134.48:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16963
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU48830
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-16964
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Backup Engine, which leads to security restrictions bypass and privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 7 - 10
Windows Server: 2008 R2 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1803:10.0.17134.48:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1809:10.0.17763.1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16964
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
