{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T05:57:41.504","vulnerabilities":[{"cve":{"id":"CVE-2020-0787","sourceIdentifier":"secure@microsoft.com","published":"2020-03-12T16:15:15.203","lastModified":"2025-10-29T14:27:17.490","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'."},{"lang":"es","value":"Existe una vulnerabilidad de elevación de privilegios cuando el  Windows Background Intelligent Transfer Service (BITS) maneja inapropiadamente los enlaces simbólicos, también se conoce como \"Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability\"."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2022-01-28","cisaActionDue":"2022-07-28","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*","matchCriteriaId":"542DAEEC-73CC-46C6-A630-BF474A3446AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*","matchCriteriaId":"61019899-D7AF-46E4-A72C-D189180F66AB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*","matchCriteriaId":"AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*","matchCriteriaId":"00345596-E9E0-4096-8DC6-0212F4747A13"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*","matchCriteriaId":"2E332666-2E03-468E-BC30-299816D6E8ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:*:*","matchCriteriaId":"A363CE8F-F399-4B6E-9E7D-349792F95DDB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:*:*","matchCriteriaId":"A1B570A8-ED1A-46B6-B8AB-064445F8FC4C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*","matchCriteriaId":"C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*","matchCriteriaId":"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*","matchCriteriaId":"C6CE5198-C498-4672-AF4C-77AB4BE06C5C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*","matchCriteriaId":"37097C39-D588-4018-B94D-5EB87B1E3D5A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:*:*","matchCriteriaId":"530DF8C9-467C-4F4F-9FCA-CDD934BADF3C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:*:*","matchCriteriaId":"ADE7E7B1-64AC-4986-A50B-0918A42C05BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*","matchCriteriaId":"5F422A8C-2C4E-42C8-B420-E0728037E15C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*","matchCriteriaId":"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*","matchCriteriaId":"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/158056/Background-Intelligent-Transfer-Service-Privilege-Escalation.html","source":"secure@microsoft.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0787","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/158056/Background-Intelligent-Transfer-Service-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0787","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0787","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}