#VU28017 Untrusted Pointer Dereference in Windows and Windows Server - CVE-2020-0916

 


Published: May 19, 2020 / Updated: December 24, 2020


Vulnerability identifier: #VU28017
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-0916
CWE-ID: CWE-822
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software: Windows, Windows Server
Software vendor: Microsoft

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an untrusted pointer dereference within the user-mode printer driver host process splwow64.exe. A local user can run a specially crafted program to trigger the untrusted pointer dereference and execute arbitrary code on the system with elevated privileges in the context of the current user at medium integrity level.

Successful exploitation of the vulnerability requires that the attacker be able to execute low-privileged code on the target system.


Remediation

Install the update from the vendor's website.
