{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T03:22:01.870","vulnerabilities":[{"cve":{"id":"CVE-2020-1431","sourceIdentifier":"secure@microsoft.com","published":"2020-07-14T23:15:18.777","lastModified":"2024-11-21T05:10:32.053","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'."},{"lang":"es","value":"Se presenta una vulnerabilidad de elevación de privilegios cuando Windows AppX Deployment Extensions lleva a cabo una gestión de privilegio inapropiadamente, resultando en el acceso a archivos del sistema. Para explotar esta vulnerabilidad, un atacante autenticado necesitaría ejecutar una aplicación especialmente diseñada para elevar los privilegios. La actualización de seguridad aborda la vulnerabilidad al corregir cómo AppX Deployment Extensions gestiona los privilegios, también se conoce como \"Windows AppX Deployment Extensions Elevation of Privilege Vulnerability\""}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*","matchCriteriaId":"7CB85C75-4D35-480E-843D-60579EC75FCB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*","matchCriteriaId":"6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*","matchCriteriaId":"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*","matchCriteriaId":"E9273B95-20ED-4547-B0A8-95AD15B30372"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*","matchCriteriaId":"AAE74AF3-C559-4645-A6C0-25C3D647AAC8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*","matchCriteriaId":"5B921FDB-8E7D-427E-82BE-4432585080CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*","matchCriteriaId":"C253A63F-03AB-41CB-A03A-B2674DEA98AA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*","matchCriteriaId":"0B60D940-80C7-49F0-8F4E-3F99AC15FA82"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"}]}]}],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1431","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1431","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}