Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-17087
HistoryNov 11, 2020 - 7:15 a.m.

CVE-2020-17087

2020-11-1107:15:00
CWE-131
[email protected]
web.nvd.nist.gov
1090
In Wild
27
cve-2020-17087
windows
kernel
local elevation
privilege
vulnerability
nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.143 Low

EPSS

Percentile

95.6%

JSON

Windows Kernel Local Elevation of Privilege Vulnerability

VendorProductVersionCPE
microsoftwindows_10_180310.0.0cpe:2.3:o:microsoft:windows_10_1803:10.0.0:*:*:*:*:*:*:*
microsoftwindows_10_180910.0.0cpe:2.3:o:microsoft:windows_10_1809:10.0.0:*:*:*:*:*:*:*
microsoftwindows_server_201910.0.0cpe:2.3:o:microsoft:windows_server_2019:10.0.0:*:*:*:*:*:*:*
microsoftwindows_server_201910.0.0cpe:2.3:o:microsoft:windows_server_2019:10.0.0:*:*:*:*:*:*:*
microsoftwindows_10_190910.0.0cpe:2.3:o:microsoft:windows_10_1909:10.0.0:*:*:*:*:*:*:*
microsoftwindows_server,_version_190910.0.0cpe:2.3:o:microsoft:windows_server,_version_1909:10.0.0:*:*:*:*:*:*:*
microsoftwindows_10_1903 for 32-bit systems10.0.0cpe:2.3:o:microsoft:windows_10_1903 for 32-bit systems:10.0.0:*:*:*:*:*:*:*
microsoftwindows_10_1903 for x64-based systems10.0.0cpe:2.3:o:microsoft:windows_10_1903 for x64-based systems:10.0.0:*:*:*:*:*:*:*
microsoftwindows_10_1903 for arm64-based systems10.0.0cpe:2.3:o:microsoft:windows_10_1903 for arm64-based systems:10.0.0:*:*:*:*:*:*:*
microsoftwindows_server,_version_190310.0.0cpe:2.3:o:microsoft:windows_server,_version_1903:10.0.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 301

Social References

More

Related

cisa_kev 2
mscve 1
prion 1
checkpoint_advisories 1
githubexploit 1
thn 4
threatpost 2
attackerkb 2
qualysblog 3
krebs 1
googleprojectzero 1
rapid7blog 1
mskb 14
nessus 10
kaspersky 2
avleonov 1
cisa_kev
cisa_kev
Microsoft Windows Kernel Privilege Escalation Vulnerability
2021-11-03 00:00:00
Google Chrome FreeType Heap Buffer Overflow Vulnerability
2021-11-03 00:00:00
mscve
mscve
Windows Kernel Local Elevation of Privilege Vulnerability
2020-11-10 08:00:00
prion
prion
Privilege escalation
2020-11-11 07:15:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Kernel Local Elevation of Privilege (CVE-2020-17087)
2020-11-04 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Conversion between Numeric Types in Microsoft
2021-07-02 16:03:16
thn
thn
WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild
2020-11-02 09:43:00
New Chrome Zero-Day Under Active Attacks – Update Your Browser
2020-11-03 09:33:00
Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered
2020-11-06 07:48:00
threatpost
threatpost
Unpatched Windows Zero-Day Exploited in the Wild for Sandbox Escape
2020-11-02 14:57:02
Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
2020-11-10 21:12:21
attackerkb
attackerkb
CVE-2020-17087 Windows Kernel local privilege escalation 0day
2020-11-11 00:00:00
CVE-2020-15999 Chrome Freetype 0day
2020-11-03 00:00:00
qualysblog
qualysblog
January 2021 Patch Tuesday – 83 Vulnerabilities, 10 Critical, One Zero Day, Adobe
2021-01-12 20:01:43
November 2020 Patch Tuesday – 112 Vulnerabilities, 17 Critical, Windows Codecs, Network File System, Workstation, Adobe
2020-11-10 20:52:34
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
krebs
krebs
Patch Tuesday, November 2020 Edition
2020-11-11 01:56:41
googleprojectzero
googleprojectzero
In-the-Wild Series: October 2020 0-day discovery
2021-03-18 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2020
2020-11-11 01:03:15
mskb
mskb
November 10, 2020—KB4586817 (Security-only update)
2020-11-10 08:00:00
November 10, 2020—KB4586807 (Monthly Rollup)
2020-11-10 08:00:00
November 10, 2020—KB4586805 (Security-only update)
2020-11-10 08:00:00
nessus
nessus
KB4586817: Windows Server 2008 November 2020 Security Update
2020-11-10 00:00:00
KB4586805: Windows 7 and Windows Server 2008 R2 November 2020 Security Update
2020-11-10 00:00:00
KB4586823: Windows 8.1 and Windows Server 2012 R2 November 2020 Security Update
2020-11-10 00:00:00
kaspersky
kaspersky
KLA12003 Multiple vulnerabilities in Microsoft Products (ESU)
2020-11-10 00:00:00
KLA12004 Multiple vulnerabilities in Microsoft Windows
2020-11-10 00:00:00
avleonov
avleonov
Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020
2021-01-11 01:50:44

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.143 Low

EPSS

Percentile

95.6%

JSON
Related for CVE-2020-17087
cisa_kev2mscve1prion1checkpoint_advisories1githubexploit1thn4threatpost2attackerkb2qualysblog3krebs1googleprojectzero1rapid7blog1mskb14nessus10kaspersky2avleonov1