CVE-2020-1464

2020-08-1700:00:00

attackerkb.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.071 Low

EPSS

Percentile

93.2%

JSON

A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka ‘Windows Spoofing Vulnerability’.

Recent assessments:

zeroSteiner at August 11, 2020 9:33pm UTC reported:

A vulnerability exists within Windows that can allow file signature validation to be bypassed. This would allow an attacker to load and execute PE files without having signed them, possibly masquerading as a legitimate signature. This would be useful if the system the attacker is on requires signatures for all files or if the attacker wanted to load a library into a process where signatures are enforced.

This would not grant elevated privileges without being combined with an additional primitive.

While this is being actively exploited in the wild, at this time there are few public details on the vulnerability.

Assessed Attacker Value: 2
Assessed Attacker Value: 2Assessed Attacker Value: 3