Show vulnerabilities with patch / with exploit

Multiple privilege escalation vulnerabilities in Windows kernel



Published: 2020-06-09
Severity Low
Patch available YES
Number of vulnerabilities 15
CVE ID CVE-2020-1273
CVE-2020-1316
CVE-2020-1241
CVE-2020-1324
CVE-2020-1307
CVE-2020-1275
CVE-2020-1274
CVE-2020-1269
CVE-2020-1262
CVE-2020-1246
CVE-2020-1237
CVE-2020-1276
CVE-2020-1266
CVE-2020-1264
CVE-2020-1162
CWE ID CWE-119
CWE-20
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Windows
Operating systems & Components / Operating system

Windows Server
Operating systems & Components / Operating system

Vendor Microsoft

Security Advisory

1) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1273

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1903, 10 1909, 10 2004

Windows Server: 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1273

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1316

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10, 10 1607, 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2016, 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1316

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

Severity: Low

CVSSv3: 3.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1241

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input in Windows kernel. A local user can run a specially crafted application and bypass implemented security features.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1607, 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2016, 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1241

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1324

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the target system.

The vulnerability exists due to a boundary error in Windows Security Health Service. A local user can run a specially crafted command, trigger memory corruption and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1324

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1307

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1903, 10 1909, 10 2004

Windows Server: 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1307

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1275

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1903, 10 1909, 10 2004

Windows Server: 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1275

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1274

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1274

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1269

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 8.1, 10, 10 1607, 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004, RT 8.1

Windows Server: 2012 R2, 2016, 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1269

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1262

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 7, 8.1, 10, 10 1607, 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004, RT 8.1

Windows Server: 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1262

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1246

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 7, 8.1, 10, 10 1607, 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004, RT 8.1

Windows Server: 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1246

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1237

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privilege so the system.

The vulnerability exists due to a boundary error in the Windows Kernel when handling objects in memory. A local user can create a specially crafted application, trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1237

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1276

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1276

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1266

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10, 10 1607, 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2016, 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1266

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1264

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10, 10 1607, 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2016, 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1264

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Buffer overflow

Severity: Low

CVSSv3: 6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1162

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the target system.

The vulnerability exists due to a boundary error in Windows Security Health Service. A local user can run a specially crafted command, trigger memory corruption and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1709, 10 1803, 10 1809, 10 1903, 10 1909, 10 2004

Windows Server: 2019, 2019 1803, 2019 1903, 2019 1909, 2019 2004

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1162

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.