Attacker Value
Moderate
(1 user assessed)
Exploitability
High
(1 user assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
1

CVE-2020-0863

Disclosure Date: March 12, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Collection
Techniques
Validation
Validated

Description

An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka ‘Connected User Experiences and Telemetry Service Information Disclosure Vulnerability’.

Add Assessment

3
Ratings
Technical Analysis

CVE-2020-0863 is an arbitrary file read vulnerability. During the course of execution, the Diagnostic Tracking service in Windows reads a set of configuration files from a user-controlled directory, and copies them to a directory readable to everyone. While it is not possible to change the location of the write, using an oplock and file junctions, an attacker can manipulate the source file, causing the service to copy a file from a privileged area to a location readable by everyone.
More information is available here: https://itm4n.github.io/cve-2020-0863-windows-diagtrack-info-disclo/

CVSS V3 Severity and Metrics
Base Score:
5.5 Medium
Impact Score:
3.6
Exploitability Score:
1.8
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None

General Information

Vendors

  • microsoft

Products

  • windows 10 1903,
  • windows 10 1909,
  • windows server 2016 1903,
  • windows server 2016 1909

Additional Info

Technical Analysis