Windows Mobile Device Management (MDM) Diagnostics Information Disclosure Vulnerability

Windows Mobile Device Management (MDM) Diagnostics Information Disclosure Vulnerability

CVE-2020-0989 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

<p>An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and access files.</p> <p>The security update addresses the vulnerability by correcting the how Windows MDM Diagnostics handles files.</p>

Learn more about our Mobile App Penetration Testing.