SB2020071449 - Multiple vulnerabilities in Microsoft Windows Mobile Device Management Diagnostics

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2020-1372)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when Windows Mobile Device Management (MDM) Diagnostics improperly handles objects in memory. A local user can use a specially crafted application to trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Out-of-bounds read (CVE-ID: CVE-2020-1330)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. A local user can run a specially crafted application to trigger out-of-bounds read error and read contents of memory on the system.

3) Buffer overflow (CVE-ID: CVE-2020-1405)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. A local user can use a specially crafted application to trigger memory corruption and delete files on the target system.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1372
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1330
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1405