EUVD-2020-8898

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Elevation of privilege vulnerability in Windows User Profile Service allows file deletion by attackers.

Reporter	Title	Published	Views	Family All 47
CVE	CVE-2020-16940	16 Oct 202022:17	–	cve
Cvelist	CVE-2020-16940 Windows - User Profile Service Elevation of Privilege Vulnerability	16 Oct 202022:17	–	cvelist
Microsoft KB	October 13, 2020—KB4577668 (OS Build 17763.1518) - EXPIRED	13 Oct 202007:00	–	mskb
Microsoft KB	October 13, 2020—KB4577671 (OS Builds 18362.1139 and 18363.1139) - EXPIRED	13 Oct 202007:00	–	mskb
Microsoft KB	October 13, 2020—KB4579311 (OS Build 19041.572)	13 Oct 202007:00	–	mskb
Microsoft KB	October 13, 2020—KB4580327 (OS Build 10240.18725) - EXPIRED	13 Oct 202007:00	–	mskb
Microsoft KB	October 13, 2020—KB4580328 (OS Build 16299.2166)	13 Oct 202007:00	–	mskb
Microsoft KB	October 13, 2020—KB4580330 (OS Build 17134.1792) - EXPIRED	13 Oct 202007:00	–	mskb
Microsoft KB	October 13, 2020—KB4580345 (Monthly Rollup)	13 Oct 202007:00	–	mskb
Microsoft KB	October 13, 2020—KB4580346 (OS Build 14393.3986) - EXPIRED	13 Oct 202007:00	–	mskb

[
  {
    "enisaIdVendor": [
      {
        "id": "313c7f6b-6c7e-3b9f-a35f-10663e778b1f",
        "vendor": {
          "name": "Microsoft"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0219854b-b329-3586-ac92-09a38b8b584b",
        "product": {
          "name": "Windows 7 Service Pack 1"
        },
        "product_version": "6.1.0 <publication"
      },
      {
        "id": "14ca7401-ce31-37b0-bab6-ce215dbb6a4d",
        "product": {
          "name": "Windows Server, version 1909 (Server Core installation)"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "1b3d913c-9c92-3697-a5c0-68116fc0a91a",
        "product": {
          "name": "Windows 10 Version 1607"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "2610eefb-d52a-354e-9fe9-0cafb468c0d4",
        "product": {
          "name": "Windows 10 Version 1903 for x64-based Systems"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "27c77715-1a61-3661-a6ad-ac12be665f8b",
        "product": {
          "name": "Windows Server 2008 Service Pack 2 (Server Core installation)"
        },
        "product_version": "6.0.0 <publication"
      },
      {
        "id": "2b9211b9-da0b-33e0-950e-08ace98d467e",
        "product": {
          "name": "Windows Server, version 1903 (Server Core installation)"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "2be93336-3833-3667-8ddd-38d98b133138",
        "product": {
          "name": "Windows 10 Version 1909"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "34ff2a78-5229-337c-894b-cd1471cf14ff",
        "product": {
          "name": "Windows 10 Version 2004"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "47c2c322-c1bf-3a77-bf4c-e6c43ee0f2f4",
        "product": {
          "name": "Windows Server 2008 R2 Service Pack 1"
        },
        "product_version": "6.1.0 <publication"
      },
      {
        "id": "4b3f45f9-04c6-3f54-911c-6d889b656fd4",
        "product": {
          "name": "Windows 10 Version 1803"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "564f6d6d-1538-3a2f-b99a-a9d642bfc85a",
        "product": {
          "name": "Windows 10 Version 1903 for ARM64-based Systems"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "5f7c7b15-2726-3b65-88d0-04d4cc840bf6",
        "product": {
          "name": "Windows Server 2012 R2 (Server Core installation)"
        },
        "product_version": "6.3.0 <publication"
      },
      {
        "id": "606ad98a-03b6-3026-aaae-e6cf46da8109",
        "product": {
          "name": "Windows Server 2012 R2"
        },
        "product_version": "6.3.0 <publication"
      },
      {
        "id": "7106bea2-9028-3a65-ad63-d9de0a9e0912",
        "product": {
          "name": "Windows Server 2019"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "7b23bf93-1db6-322d-813a-1a1b8f50330e",
        "product": {
          "name": "Windows Server 2016"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "7ca1ac55-1f80-3e47-8e08-90880680d722",
        "product": {
          "name": "Windows 7"
        },
        "product_version": "6.1.0 <publication"
      },
      {
        "id": "890286b0-528a-3cfd-a3cc-2b99412068be",
        "product": {
          "name": "Windows 10 Version 1709 for 32-bit Systems"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "8916f3be-04b4-3c90-bf9e-a02dfbadfcc4",
        "product": {
          "name": "Windows 10 Version 1709"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "a0717156-9d15-398e-9275-18d6834383c1",
        "product": {
          "name": "Windows Server 2008  Service Pack 2"
        },
        "product_version": "6.0.0 <publication"
      },
      {
        "id": "a1a40d5f-cf41-344a-ae5d-514053620f81",
        "product": {
          "name": "Windows Server 2012 (Server Core installation)"
        },
        "product_version": "6.2.0 <publication"
      },
      {
        "id": "a5f4cc63-ec08-3fe7-983d-834ec3251ed2",
        "product": {
          "name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)"
        },
        "product_version": "6.0.0 <publication"
      },
      {
        "id": "b399cb1f-4e02-3de9-8fd4-be70dbf8a656",
        "product": {
          "name": "Windows Server 2016 (Server Core installation)"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "b81a1482-ec5f-3434-8c97-40e21b9c3faa",
        "product": {
          "name": "Windows Server 2019 (Server Core installation)"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "c5a157d2-2367-30d7-86a4-a2f7d7c67ddf",
        "product": {
          "name": "Windows 10 Version 1903 for 32-bit Systems"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "da2d8de7-391d-35a4-8f63-f873554256d8",
        "product": {
          "name": "Windows 10 Version 1809"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "e7198510-aea4-3642-8647-3cd1a98518e8",
        "product": {
          "name": "Windows Server 2008 Service Pack 2"
        },
        "product_version": "6.0.0 <publication"
      },
      {
        "id": "e97ab23a-e5a7-3da8-8588-c400dd5df470",
        "product": {
          "name": "Windows Server version 2004"
        },
        "product_version": "10.0.0 <publication"
      },
      {
        "id": "f13a2238-b0f2-3a09-904c-ffdebd6692d9",
        "product": {
          "name": "Windows 8.1"
        },
        "product_version": "6.3.0 <publication"
      },
      {
        "id": "f32a4ed0-3be7-3dd3-9368-5dad57369c67",
        "product": {
          "name": "Windows Server 2012"
        },
        "product_version": "6.2.0 <publication"
      },
      {
        "id": "f525bb0b-067d-3c9b-93d5-55a0907df57d",
        "product": {
          "name": "Windows 10 Version 1507"
        },
        "product_version": "10.0.0 <publication"
      }
    ]
  }
]

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16940
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-20-1248/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.3High risk

Vulners AI Score7.3

CVSS 3.15.5 - 7.8

CVSS 24.9

EPSS0.00318