Main Vulnerability Database SB2020021168

SB2020021168 - Security feature bypass in Microsoft Surface Hub

Published: February 11, 2020

Security Bulletin ID SB2020021168

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security Features (CVE-ID: CVE-2020-0702)

This vulnerability allows a local attacker to bypass security rescritions feature.

The vulnerability exists in Surface Hub when prompting for credentials. An attacker with physical access can access settings which are restricted to Administrators.

Remediation

Install update from vendor's website.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0702