diff --git a/rules/windows/sysmon/sysmon_cve-2020-1048.yml b/rules/windows/sysmon/sysmon_cve-2020-1048.yml
index 9f407a2c9..c713f5f70 100644
--- a/rules/windows/sysmon/sysmon_cve-2020-1048.yml
+++ b/rules/windows/sysmon/sysmon_cve-2020-1048.yml
@@ -14,7 +14,7 @@ detection:
 condition: 1 of them
 falsepositives:
 - New printer port install on host
-level: critical
+level: high
 ---
 logsource:
 service: sysmon
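Review bot: The severity drops from `critical` to `high` with no rationale recorded in the rule, and this single-hunk diff does not touch a `modified:` date either. The listed false positive (`New printer port install on host`) is presumably the reason, so I would say so next to the field, e.g. `# high, not critical: legitimate printer port installs match this rule`, and bump `modified:` if the rule carries that field. Because the changed line sits before the `---` separator, it looks like the shared document of a multi-document rule, so the new level likely applies to every logsource section after it. Pipelines that page only on `critical` will stop paging for this CVE-2020-1048 detection, which is worth confirming as intended. The rule's other documents continue outside the hunk.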