Lucene search
HistoryJul 14, 2020 - 11:15 p.m.
CVE-2020-1372
cve-2020-1372
elevation of privilege
windows
mobile device management
diagnostics
vulnerability
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.6%
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles objects in memory, aka âWindows Mobile Device Management Diagnostics Elevation of Privilege Vulnerabilityâ. This CVE ID is unique from CVE-2020-1405.
Affected configurations
Node
microsoftwindows_10_2004 for 32-bit systemsMatchunspecified
ORmicrosoftwindows_10_2004 for arm64-based systemsMatchunspecified
ORmicrosoftwindows_10_2004 for x64-based systemsMatchunspecified
ORmicrosoftwindows_server,_version_2004Matchunspecified
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows_server
ORmicrosoftwindows_server
ORmicrosoftwindows_10_1909 for 32-bit systemsMatchunspecified
ORmicrosoftwindows_10_1909 for x64-based systemsMatchunspecified
ORmicrosoftwindows_10_1909 for arm64-based systemsMatchunspecified
ORmicrosoftwindows_server,_version_1909Matchunspecified
ORmicrosoftwindows_10_1903 for 32-bit systemsMatchunspecified
ORmicrosoftwindows_10_1903 for x64-based systemsMatchunspecified
ORmicrosoftwindows_10_1903 for arm64-based systemsMatchunspecified
ORmicrosoftwindows_server,_version_1903Matchunspecified
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10_2004 for 32-bit systems | unspecified | cpe:2.3:o:microsoft:windows_10_2004 for 32-bit systems:unspecified:*:*:*:*:*:*:* |
| microsoft | windows_10_2004 for arm64-based systems | unspecified | cpe:2.3:o:microsoft:windows_10_2004 for arm64-based systems:unspecified:*:*:*:*:*:*:* |
| microsoft | windows_10_2004 for x64-based systems | unspecified | cpe:2.3:o:microsoft:windows_10_2004 for x64-based systems:unspecified:*:*:*:*:*:*:* |
| microsoft | windows_server,_version_2004 | unspecified | cpe:2.3:o:microsoft:windows_server,_version_2004:unspecified:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Windows 10 Version 2004 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 2004 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 2004 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 2004 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Windows Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2019"
},
{
"status": "affected",
"version": "2019 (Core installation)"
}
]
},
{
"product": "Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1909 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]Related
nvd
nvd
CVE-2020-1372
2020-07-14 23:15:14
CVE-2020-1405
2020-07-14 23:15:16
cvelist
cvelist
CVE-2020-1372
2020-07-14 22:54:16
CVE-2020-1405
2020-07-14 22:54:29
cve
cve
CVE-2020-1405
2020-07-14 23:15:16
prion
prion
Privilege escalation
2020-07-14 23:15:00
Privilege escalation
2020-07-14 23:15:00
mscve
mscve
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4558998)
2020-07-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565503)
2020-07-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565483)
2020-07-15 00:00:00
mskb
mskb
July 14, 2020âKB4558998 (OS Build 17763.1339)
2020-07-14 07:00:00
July 14, 2020âKB4565503 (OS Build 19041.388)
2020-07-14 07:00:00
July 14, 2020âKB4565483 (OS Builds 18362.959 and 18363.959) - EXPIRED
2020-07-14 07:00:00
nessus
nessus
kaspersky
kaspersky
KLA11865 Multiple vulnerabilities in Microsoft Windows
2020-07-14 00:00:00
avleonov
avleonov
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.6%
Related for CVE-2020-1372