Lucene search
Microsoft Windows Multiple Vulnerabilities (KB4577049)
🗓️ 09 Sep 2020 00:00:00Reported by Copyright (C) 2020 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 25 Views
This host is missing a critical security update according to Microsoft KB4577049. It is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code, elevate privileges, conduct DoS conditions, and disclose sensitive information. The vulnerabilities exist in Microsoft Windows CloudExperienceHost, splwow64.exe, dnsrslvr.dll, Windows State Repository Service, and Microsoft COM for Windows
Show more
| Reporter | Title | Published | Views | Family All 199 |
|---|---|---|---|---|
 | September 8, 2020—KB4577049 (OS Build 10240.18696) | 9 Feb 202108:00 | – | mskb |
| September 8, 2020—KB4577064 (Monthly Rollup) | 8 Sep 202007:00 | – | mskb |
| September 8, 2020—KB4577048 (Security-only update) | 9 Feb 202108:00 | – | mskb |
| September 8, 2020—KB4577041 (OS Build 16299.2107) | 13 Oct 202007:00 | – | mskb |
| September 8, 2020—KB4577070 (Security-only update) | 8 Sep 202007:00 | – | mskb |
| September 8, 2020—KB4577066 (Monthly Rollup) | 9 Feb 202108:00 | – | mskb |
| September 8, 2020—KB4577053 (Security-only update) | 8 Sep 202007:00 | – | mskb |
| September 8, 2020—KB4577051 (Monthly Rollup) | 8 Sep 202007:00 | – | mskb |
| September 8, 2020—KB4577015 (OS Build 14393.3930) | 9 Feb 202108:00 | – | mskb |
| September 8, 2020—KB4577071 (Security-only update) | 9 Feb 202108:00 | – | mskb |
10
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.817362");
script_version("2024-06-26T05:05:39+0000");
script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
script_cve_id("CVE-2020-0782", "CVE-2020-0790", "CVE-2020-0838", "CVE-2020-0839",
"CVE-2020-0875", "CVE-2020-0878", "CVE-2020-0886", "CVE-2020-0911",
"CVE-2020-0912", "CVE-2020-0914", "CVE-2020-0921", "CVE-2020-0922",
"CVE-2020-0941", "CVE-2020-0997", "CVE-2020-1012", "CVE-2020-1013",
"CVE-2020-1030", "CVE-2020-1031", "CVE-2020-1034", "CVE-2020-1038",
"CVE-2020-1039", "CVE-2020-1052", "CVE-2020-1053", "CVE-2020-1057",
"CVE-2020-1074", "CVE-2020-1083", "CVE-2020-1091", "CVE-2020-1097",
"CVE-2020-1115", "CVE-2020-1130", "CVE-2020-1133", "CVE-2020-1152",
"CVE-2020-1172", "CVE-2020-1180", "CVE-2020-1245", "CVE-2020-1250",
"CVE-2020-1252", "CVE-2020-1256", "CVE-2020-1285", "CVE-2020-1308",
"CVE-2020-1376", "CVE-2020-1471", "CVE-2020-1491", "CVE-2020-1508",
"CVE-2020-1559", "CVE-2020-1589", "CVE-2020-1593", "CVE-2020-1596",
"CVE-2020-1598", "CVE-2020-16854");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2024-06-26 05:05:39 +0000 (Wed, 26 Jun 2024)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-09-28 12:58:00 +0000 (Mon, 28 Sep 2020)");
script_tag(name:"creation_date", value:"2020-09-09 09:00:21 +0530 (Wed, 09 Sep 2020)");
script_name("Microsoft Windows Multiple Vulnerabilities (KB4577049)");
script_tag(name:"summary", value:"This host is missing a critical security
update according to Microsoft KB4577049");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
on the target host.");
script_tag(name:"insight", value:"Multiple flaws exist due to errors,
- when Microsoft Windows CloudExperienceHost fails to check COM objects.
- in how splwow64.exe handles certain calls.
- in the way that the dnsrslvr.dll handles objects in memory.
- when the Windows State Repository Service improperly handles objects in memory.
- in the way that Microsoft COM for Windows handles objects in memory.
Please see the references for more information on the vulnerabilities.");
script_tag(name:"impact", value:"Successful exploitation will allow an attacker
to execute arbitrary code, elevate privileges, conduct DoS conditions and
disclose sensitive information.");
script_tag(name:"affected", value:"- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems");
script_tag(name:"solution", value:"The vendor has released updates. Please see
the references for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version");
script_xref(name:"URL", value:"https://support.microsoft.com/en-us/help/4577049");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone AG");
script_family("Windows : Microsoft Bulletins");
script_dependencies("smb_reg_service_pack.nasl");
script_require_ports(139, 445);
script_mandatory_keys("SMB/WindowsVersion");
exit(0);
}
include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");
if(hotfix_check_sp(win10:1, win10x64:1) <= 0){
exit(0);
}
dllPath = smb_get_system32root();
if(!dllPath ){
exit(0);
}
fileVer = fetch_file_version(sysPath:dllPath, file_name:"Ntoskrnl.exe");
if(!fileVer){
exit(0);
}
if(version_in_range(version:fileVer, test_version:"10.0.10240.0", test_version2:"10.0.10240.18695"))
{
report = report_fixed_ver(file_checked:dllPath + "\Upnphost.dll",
file_version:fileVer, vulnerable_range:"10.0.10240.0 - 10.0.10240.18695");
security_message(data:report);
exit(0);
}
exit(99);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo09 Sep 2020 00:00Current
6.9Medium risk
Vulners AI Score6.9
CVSS29.3
CVSS38.8
EPSS0.30594
SSVC