Information disclosure in Windows - #VU28020
Published: May 19, 2020
Windows
Detailed vulnerability description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists within the handling of WLAN connection profiles in Microsoft Windows. A local user can create a malicious profile and disclose credentials for the machine account. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of an administrator.