Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OneDrive for Windows Elevation of Privilege Vulnerability
Vulnerability Description
<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.</p> <p>The update addresses this vulnerability by correcting where the OneDrive updater performs file writes while running with elevation.</p>
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Windows Desktop OneDrive 后置链接漏洞
Vulnerability Description
Windows OneDrive是美国Microsoft公司的一款云存储服务。 Windows Desktop OneDrive存在安全漏洞,该漏洞允许攻击者运行特制的应用程序,删除目标文件。以下产品及版本受到影响: OneDrive版本。
CVSS Information
N/A
Vulnerability Type
N/A