Main Vulnerability Database Exploits ID:4658 - Exploit for Buffer overflow in Windows and Windows Server - CVE-2020-1313

ID:4658 - Exploit for Buffer overflow in Windows and Windows Server - CVE-2020-1313

Published: September 26, 2020

Vulnerability identifier: #VU28916

Vulnerability risk: Low

CVE-ID: CVE-2020-1313

CWE-ID: CWE-119

Exploitation vector: Local access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/windows/local/cve_2020_1313_system_orchestrator

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when the Windows Update Orchestrator Service improperly handles file operations. A local user can use a specially crafted application to trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

ID:4658 - Exploit for Buffer overflow in Windows and Windows Server - CVE-2020-1313

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human