CVE-2020-0702

Опубликовано: 11 фев. 2020

Источник: msrc

EPSS Низкий

Описание

Surface Hub Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Surface Hub when prompting for credentials. Successful exploitation of the vulnerability could allow an attacker to access settings which are restricted to Administrators.

To exploit the vulnerability, an attacker would need to have physical access to a Surface Hub.

The update addresses the vulnerability by correcting how credentials are validated when accessing restricted settings.

Обновления

Продукт	Статья	Обновление
Microsoft Surface Hub	4537765	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 45%

0.00228

Низкий

Связанные уязвимости

CVE-2020-0702

CVSS3: 6.8

nvd

почти 6 лет назад

A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'.

GHSA-p3p2-26px-qvxq

CVSS3: 6.8

github

больше 3 лет назад

A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'.

BDU:2020-00958

CVSS3: 6.8

fstec

почти 6 лет назад

Уязвимость микропрограммного обеспечения сенсорного дисплея Surface Hub, связанная с недостатками контроля доступа, позволяющая нарушителю получить доступ к настройкам, доступным только администраторам

EPSS

Процентиль: 45%

0.00228

Низкий