CVE-2020-1527

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/08/2020
Last modified:
19/01/2024

Description

An elevation of privilege vulnerability exists when the Windows Custom Protocol Engine improperly handles memory.<br /> To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.<br /> The security update addresses the vulnerability by correcting how the Windows Custom Protocol Engine handles memory.<br />

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*