An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.
To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.
The security update addresses the vulnerability by checking COM objects.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| CVE-2020-1471 | Windows 10 Version 1803 | primary_impact | T1068 | Exploitation for Privilege Escalation |