Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability

Known Exploited Vulnerabilities CVE-2020-0787 Mappings

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2020-0787	Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability	primary_impact	T1059	Command and Scripting Interpreter	Comments CVE-2020-0787 is a privilege elevation vulnerability in the Windows Background Intelligent Transfer Service (BITS). An actor can exploit this vulnerability if it improperly handles symbolic links to execute arbitrary code with system-level privileges. References https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a
CVE-2020-0787	Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability	exploitation_technique	T1068	Exploitation for Privilege Escalation	Comments CVE-2020-0787 is a privilege elevation vulnerability in the Windows Background Intelligent Transfer Service (BITS). An actor can exploit this vulnerability if it improperly handles symbolic links to execute arbitrary code with system-level privileges. References https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a