Privilege escalation

2020-10-1623:15:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.6%

JSON

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.

CPENameOperatorVersion
windows_10eq1709
windows_10eq1803
windows_10eq1809
windows_10eq1903
windows_10eq1909
windows_10eq2004
windows_server_2016eq1903
windows_server_2016eq1909
windows_server_2016eq2004

Name	Operator	Version
windows_10	eq	1709
windows_10	eq	1803
windows_10	eq	1809
windows_10	eq	1903
windows_10	eq	1909
windows_10	eq	2004
windows_server_2016	eq	1903
windows_server_2016	eq	1909
windows_server_2016	eq	2004