# (CVE-2020-0787)Windows 本地提权漏洞
## 一、漏洞概述:
2020年3月10日,微软官方公布了一个本地提权漏洞CVE-2020-0787,根据微软的漏洞描述声称,攻击者在使用低权限用户登录系统后,可以利用该漏洞构造恶意程序直接提权到administrator或者system权限。system是windows所有操作系统中权限最大的账户。
## 二、影响范围
基本上Windows全版本了
– Windows 10 for 32-bit Systems
– Windows 10 for x64-based Systems
– Windows 10 Version 1607 for 32-bit Systems
– Windows 10 Version 1607 for x64-based Systems
– Windows 10 Version 1709 for 32-bit Systems
– Windows 10 Version 1709 for ARM64-based Systems
– Windows 10 Version 1709 for x64-based Systems
– Windows 10 Version 1803 for 32-bit Systems
– Windows 10 Version 1803 for ARM64-based Systems
– Windows 10 Version 1803 for x64-based Systems
– Windows 10 Version 1809 for 32-bit Systems
– Windows 10 Version 1809 for ARM64-based Systems
– Windows 10 Version 1809 for x64-based Systems
– Windows 10 Version 1903 for 32-bit Systems
– Windows 10 Version 1903 for ARM64-based Systems
– Windows 10 Version 1903 for x64-based Systems
– Windows 10 Version 1909 for 32-bit Systems
– Windows 10 Version 1909 for ARM64-based Systems
– Windows 10 Version 1909 for x64-based Systems
– Windows 7 for 32-bit Systems Service Pack 1
– Windows 7 for x64-based Systems Service Pack 1
– Windows 8.1 for 32-bit systems
– Windows 8.1 for x64-based systems
– Windows RT 8.1
– Windows Server 2008 for 32-bit Systems Service Pack 2
– Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
– Windows Server 2008 for Itanium-Based Systems Service Pack 2
– Windows Server 2008 for x64-based Systems Service Pack 2
– Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
– Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
– Windows Server 2008 R2 for x64-based Systems Service Pack 1
– Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
– Windows Server 2012
– Windows Server 2012 (Server Core installation)
– Windows Server 2012 R2
– Windows Server 2012 R2 (Server Core installation)
– Windows Server 2016
– Windows Server 2016 (Server Core installation)
– Windows Server 2019
– Windows Server 2019 (Server Core installation)
– Windows Server, version 1803 (Server Core Installation)
– Windows Server, version 1903 (Server Core installation)
– Windows Server, version 1909 (Server Core installation
## 漏洞利用
https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION
POC成功会弹出SYSTEM权限CMD不适用于WebShell
请登录后查看评论内容