CVE-2020-1418
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/07/2020
Last modified:
21/07/2021
Description
An elevation of privilege vulnerability exists when the Windows Diagnostics Execution Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1393.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:arm64:* | ||
| cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:arm64:* | ||
| cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:* | ||
| cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:arm64:* | ||
| cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:* | ||
| cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:* |
To consult the complete list of CPE names with products and versions, see this page