cnvd - cnvd-2020-54060

cnvd-2020-54060

Vulnerability from cnvd

Title: Microsoft OneDrive for Windows权限提升漏洞（CNVD-2020-54060）

Description:

OneDrive是Microsoft公司推出的作为Web版本Office的一部分的文件托管服务和同步服务。

OneDrive for Windows存在权限提升漏洞。该漏洞源于OneDrive for Windows桌面应用不能正确处理符号链接。攻击者可通过运行特制应用程序利用该漏洞以提升的权限覆盖目标文件。

Severity: 低

Patch Name: Microsoft OneDrive for Windows权限提升漏洞（CNVD-2020-54060）的补丁

Patch Description:

OneDrive是Microsoft公司推出的作为Web版本Office的一部分的文件托管服务和同步服务。

OneDrive for Windows存在权限提升漏洞。该漏洞源于OneDrive for Windows桌面应用不能正确处理符号链接。攻击者可通过运行特制应用程序利用该漏洞以提升的权限覆盖目标文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16853

Reference: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16853

Impacted products

Name
Microsoft OneDrive for Windows

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-16853",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-16853"
    }
  },
  "description": "OneDrive\u662fMicrosoft\u516c\u53f8\u63a8\u51fa\u7684\u4f5c\u4e3aWeb\u7248\u672cOffice\u7684\u4e00\u90e8\u5206\u7684\u6587\u4ef6\u6258\u7ba1\u670d\u52a1\u548c\u540c\u6b65\u670d\u52a1\u3002\n\nOneDrive for Windows\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eOneDrive for Windows\u684c\u9762\u5e94\u7528\u4e0d\u80fd\u6b63\u786e\u5904\u7406\u7b26\u53f7\u94fe\u63a5\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884c\u7279\u5236\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u8986\u76d6\u76ee\u6807\u6587\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16853",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-54060",
  "openTime": "2020-09-23",
  "patchDescription": "OneDrive\u662fMicrosoft\u516c\u53f8\u63a8\u51fa\u7684\u4f5c\u4e3aWeb\u7248\u672cOffice\u7684\u4e00\u90e8\u5206\u7684\u6587\u4ef6\u6258\u7ba1\u670d\u52a1\u548c\u540c\u6b65\u670d\u52a1\u3002\r\n\r\nOneDrive for Windows\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eOneDrive for Windows\u684c\u9762\u5e94\u7528\u4e0d\u80fd\u6b63\u786e\u5904\u7406\u7b26\u53f7\u94fe\u63a5\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884c\u7279\u5236\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u8986\u76d6\u76ee\u6807\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft OneDrive for Windows\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2020-54060\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Microsoft OneDrive for Windows"
  },
  "referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16853",
  "serverity": "\u4f4e",
  "submitTime": "2020-09-10",
  "title": "Microsoft OneDrive for Windows\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2020-54060\uff09"
}

CVE-2020-16853 (GCVE-0-2020-16853)

Vulnerability from cvelistv5

Published

2020-09-11 17:08

Modified

2024-08-04 13:45

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C

CWE

Denial of Service

Summary

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status. The update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.

References

▼	URL	Tags
	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16853	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Microsoft	OneDrive for Windows	Version: 0 < publication cpe:2.3:a:microsoft:onedrive:-:::::windows::

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:45:34.497Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16853"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:onedrive:-:*:*:*:*:windows:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "OneDrive for Windows",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-09-08T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "\u003cp\u003eAn elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.\u003c/p\u003e\n\u003cp\u003eTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.\u003c/p\u003e\n\u003cp\u003eThe update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.\u003c/p\u003e\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-31T21:35:02.972Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16853"
        }
      ],
      "title": "OneDrive for Windows Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-16853",
    "datePublished": "2020-09-11T17:08:36",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-08-04T13:45:34.497Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted