CVE-2020-9331
CVE-2020-9331 affects CryptoPro CSP up to version 5.0.0.10004 on 32-bit platforms. The root cause is mishandling of user-mode input during process creation, enabling a local attacker with SeChangeNotifyPrivilege to write arbitrary data to the kernel address space, resulting in Local Privilege Esc...