Symlink Exploitation in Windows User Profile Service: Elevation of Privilege Vulnerability

Symlink Exploitation in Windows User Profile Service: Elevation of Privilege Vulnerability

CVE-2020-0730 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

Learn more about our User Device Pen Test.