SB2020031045 - Multiple vulnerabilities in Windows Error Reporting
Published: March 10, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2020-0772)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when Windows Error Reporting improperly handles memory. A local user can use a specially crafted application to trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Information disclosure (CVE-ID: CVE-2020-0775)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to incorrect handling of file operations in Windows Error Reporting. A local user can run a specially crafted application to gain access to sensitive information on the system.
3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-0806)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists in Windows Error Reporting when handling and executing files. A local user can run a specially crafted application to execute arbitrary code on the system with elevated privileges.
Remediation
Install update from vendor's website.