Multiple privilege escalation vulnerabilities in Windows kernel



Published: 2020-06-09
Risk Low
Patch available YES
Number of vulnerabilities 15
CVE-ID CVE-2020-1273
CVE-2020-1316
CVE-2020-1241
CVE-2020-1324
CVE-2020-1307
CVE-2020-1275
CVE-2020-1274
CVE-2020-1269
CVE-2020-1262
CVE-2020-1246
CVE-2020-1237
CVE-2020-1276
CVE-2020-1266
CVE-2020-1264
CVE-2020-1162
CWE-ID CWE-119
CWE-20
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Windows
Operating systems & Components / Operating system

Windows Server
Operating systems & Components / Operating system

Vendor Microsoft

Security Bulletin

This security bulletin contains information about 15 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU28888

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1273

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1903 - 10 2004

Windows Server: 2019 1903 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1273


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU28892

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1316

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 - 10 2004

Windows Server: 2016 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1316


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU28902

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1241

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input in Windows kernel. A local user can run a specially crafted application and bypass implemented security features.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1607 - 10 2004

Windows Server: 2016 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1241


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU28901

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1324

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the target system.

The vulnerability exists due to a boundary error in Windows Security Health Service. A local user can run a specially crafted command, trigger memory corruption and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1709 - 10 2004

Windows Server: 2019 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1324


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU28900

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1307

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1903 - 10 2004

Windows Server: 2019 1903 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1307


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Buffer overflow

EUVDB-ID: #VU28899

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1275

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1903 - 10 2004

Windows Server: 2019 1903 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1275


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU28898

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1274

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1803 - 10 2004

Windows Server: 2019 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1274


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Buffer overflow

EUVDB-ID: #VU28897

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1269

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 8.1 - 10 2004

Windows Server: 2012 R2 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1269


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Buffer overflow

EUVDB-ID: #VU28896

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1262

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 7 - 10 2004

Windows Server: 2008 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1262


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

EUVDB-ID: #VU28895

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1246

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 7 - 10 2004

Windows Server: 2008 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1246


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

EUVDB-ID: #VU28894

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1237

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privilege so the system.

The vulnerability exists due to a boundary error in the Windows Kernel when handling objects in memory. A local user can create a specially crafted application, trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1709 - 10 2004

Windows Server: 2019 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1237


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Buffer overflow

EUVDB-ID: #VU28893

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1276

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 1803 - 10 2004

Windows Server: 2019 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1276


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

EUVDB-ID: #VU28891

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1266

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 - 10 2004

Windows Server: 2016 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1266


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

EUVDB-ID: #VU28890

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1264

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing objects in memory within the Windows kernel. A local user can create a malicious application, launch it on the system and execute arbitrary code with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Windows: 10 - 10 2004

Windows Server: 2016 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1264


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Buffer overflow

EUVDB-ID: #VU28903

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1162

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the target system.

The vulnerability exists due to a boundary error in Windows Security Health Service. A local user can run a specially crafted command, trigger memory corruption and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1709 - 10 2004

Windows Server: 2019 - 2019 2004

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1162


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###