CVE-2020-0638

Known Exploited (CISA KEV)HIGH

7.8

CVSS Severity Score

EPSS Score40.0140%

EPSS Percentile97.33th

PublishedJan 14, 2020

Last ModifiedOct 29, 2025

Vulnerability Description

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.

Affected Platforms (CPE)

💻

Microsoft

Windows 10 1709

All versions

💻

Microsoft

Windows 10 1709

All versions

💻

Microsoft

Windows 10 1803

All versions

💻

Microsoft

Windows 10 1803

All versions

💻

Microsoft

Windows 10 1809

All versions

💻

Microsoft

Windows 10 1809

All versions

💻

Microsoft

Windows 10 1809

All versions

💻

Microsoft

Windows 10 1903

All versions

💻

Microsoft

Windows 10 1903

All versions

💻

Microsoft

Windows 10 1903

All versions

💻

Microsoft

Windows 10 1909

All versions

💻

Microsoft

Windows 10 1909

All versions

💻

Microsoft

Windows 10 1909

All versions

💻

Microsoft

Windows Server 1803

All versions

💻

Microsoft

Windows Server 1903

All versions

💻

Microsoft

Windows Server 1909

All versions

💻

Microsoft

Windows Server 2019

All versions

References & Advisories

🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0638

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0638

Vulnerability Description

Affected Platforms (CPE)

Windows 10 1709

Windows 10 1709

Windows 10 1803

Windows 10 1803

Windows 10 1809

Windows 10 1809

Windows 10 1809

Windows 10 1903

Windows 10 1903

Windows 10 1903

Windows 10 1909

Windows 10 1909

Windows 10 1909

Windows Server 1803

Windows Server 1903

Windows Server 1909

Windows Server 2019

References & Advisories

Related Vulnerabilities