Main Vulnerability Database Vulnerabilities #VU25251

#VU25251 Security Features in Microsoft Surface Hub - CVE-2020-0702

Published: February 11, 2020

Vulnerability identifier: #VU25251

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-0702

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Microsoft Surface Hub

Software vendor:
Microsoft

Description

This vulnerability allows a local attacker to bypass security rescritions feature.

The vulnerability exists in Surface Hub when prompting for credentials. An attacker with physical access can access settings which are restricted to Administrators.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0702

#VU25251 Security Features in Microsoft Surface Hub - CVE-2020-0702

Description

Remediation

External links

Please verify you're human