Rewterz Threat Advisory – CVE-2020-16851 – OneDrive for Windows Elevation of Privilege Vulnerability

September 9, 2020

Severity

High

Analysis Summary

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.

Impact

Privilege Elevation

Remediation

Refer to Microsoft advisory for the complete list of affected products and their respective patches.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16851

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2020-8758 – Security Updates for Intel AMT and Intel ISM

Rewterz Threat Advisory – CVE-2020-1250 – Win32k Information Disclosure Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.