Описание
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.
An attacker could exploit this vulnerability by running a specially crafted application on the victim system.
The update addresses the vulnerability by correcting the way the Windows Runtime handles objects in memory.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.5 Medium
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1169.
Уязвимость компонента Windows Runtime операционной системы Windows, позволяющая нарушителю повысить свои привилегии
EPSS
5.5 Medium
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2