This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
Note: The field for BID is no longer populated or used by Microsoft, and no longer appears here as of May 2020
ID and Rating |
CAN/CVE ID: ADV200010 Microsoft Rating: Critical |
Vulnerability Type |
June 2020 Adobe Flash Security Update |
Vulnerability Affects |
Adobe Flash Player on Windows 10 Adobe Flash Player on Windows 8.1 Adobe Flash Player on Windows RT 8.1 Adobe Flash Player on Windows Server 2012 Adobe Flash Player on Windows Server 2012 R2 Adobe Flash Player on Windows Server 2016 Adobe Flash Player on Windows Server 2019 |
Details |
This security update addresses the following vulnerability, which is described in Adobe Security Bulletin APSB20-30: CVE-2020-9633. |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: Under Review Skeptic: N/A |
|
|
ID and Rating |
CAN/CVE ID: CVE-2020-1073 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
ChakraCore Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2016 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2019 |
Details |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1181 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019 |
Details |
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context of the SharePoint application pool process.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1213 Microsoft Rating: Critical |
Vulnerability Type |
VBScript Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008 |
Details |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Internet Explorer CVE-2020-1062 |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1219 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Browser Memory Corruption Vulnerability |
Vulnerability Affects |
ChakraCore Microsoft Internet Explorer 11 Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2016 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2019 |
Details |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2020-1219 Remote Memory Corruption Vulnerability |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1248 Microsoft Rating: Critical |
Vulnerability Type |
GDI+ Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1260 Microsoft Rating: Critical |
Vulnerability Type |
VBScript Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008 |
Details |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1260 |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1281 Microsoft Rating: Critical |
Vulnerability Type |
Windows OLE Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1286 Microsoft Rating: Critical |
Vulnerability Type |
Windows Shell Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1299 Microsoft Rating: Critical |
Vulnerability Type |
LNK Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1300 Microsoft Rating: Critical |
Vulnerability Type |
Windows Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1214 Microsoft Rating: Important |
Vulnerability Type |
VBScript Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008 |
Details |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1214 |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1183 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019 |
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-0915 Microsoft Rating: Important |
Vulnerability Type |
Windows GDI Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)
|
Details |
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/AN/A |
ID and Rating |
CAN/CVE ID: CVE-2020-0916 Microsoft Rating: Important |
Vulnerability Type |
Windows GDI Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation |
Details |
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-0986 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)
|
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1120 Microsoft Rating: Important |
Vulnerability Type |
Connected User Experiences and Telemetry Service Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could cause a system to stop responding.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1148 Microsoft Rating: Important |
Vulnerability Type |
Microsoft SharePoint Spoofing Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019 |
Details |
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1160 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)
|
Details |
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1162 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists Windows Security Health Service when handles certain objects in memory. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1163 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Windows Defender Elevation of Privilege Vulnerability |
Vulnerability Affects |
|
Details |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1170 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Windows Defender Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Microsoft System Center 2012 Endpoint Protection Microsoft System Center 2012 R2 Endpoint Protection Microsoft System Center Endpoint Protection Microsoft Windows Defender on Microsoft Windows 10 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows 8.1 for 32-bit systems Microsoft Windows Defender on Microsoft Windows 8.1 for x64-based systems Microsoft Windows Defender on Microsoft Windows RT 8.1 Microsoft Windows Defender on Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Defender on Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Defender on Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2012 Microsoft Windows Defender on Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2012 R2 Microsoft Windows Defender on Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2016 Microsoft Windows Defender on Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2019 Microsoft Windows Defender on Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Defender on Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server, version 1909 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1177 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019 |
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1178 Microsoft Rating: Important |
Vulnerability Type |
Microsoft SharePoint Server Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019
|
Details |
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the context of the SharePoint application pool account. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1194 Microsoft Rating: Important |
Vulnerability Type |
Windows Registry Denial of Service Vulnerability |
Vulnerability Affects |
N/A |
Details |
A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations. An attacker who successfully exploited the vulnerability could cause a denial of service against a system. To exploit the vulnerability, an attacker who has access to the system could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Registry handles filesystem operations. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1196 Microsoft Rating: Important |
Vulnerability Type |
Windows Print Configuration Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1197 Microsoft Rating: Important |
Vulnerability Type |
Windows Error Reporting Manager Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1199 Microsoft Rating: Important |
Vulnerability Type |
Windows Feedback Hub Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for HoloLens Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems |
Details |
An elevation of privilege vulnerability exists when the Windows Feedback Hub improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1201 Microsoft Rating: Important |
Vulnerability Type |
Windows Now Playing Session Manager Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1202 Microsoft Rating: Important |
Vulnerability Type |
Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1203 Microsoft Rating: Important |
Vulnerability Type |
Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1204 Microsoft Rating: Important |
Vulnerability Type |
Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to delete files. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1206 Microsoft Rating: Important |
Vulnerability Type |
Windows SMBv3 Client/Server Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: OS Attack: Windows SMBv3 CVE-2020-1206 |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1207 Microsoft Rating: Important |
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1208 Microsoft Rating: Important |
Vulnerability Type |
Jet Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1209 Microsoft Rating: Important |
Vulnerability Type |
Windows Network List Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1211 Microsoft Rating: Important |
Vulnerability Type |
Connected Devices Platform Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1212 Microsoft Rating: Important |
Vulnerability Type |
OLE Automation Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1215 Microsoft Rating: Important |
Vulnerability Type |
VBScript Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008 |
Details |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1215 |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1217 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation |
Details |
An Information Disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could read memory that was freed and might run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1220 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability |
Vulnerability Affects |
N/A |
Details |
N/A |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1222 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Store Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1223 Microsoft Rating: Important |
Vulnerability Type |
Word for Android Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Word for Android |
Details |
A remote code execution vulnerability exists when Microsoft Word for Android fails to properly handle certain files. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1225 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac |
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1226 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac |
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1229 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Outlook Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) |
Details |
A security feature bypass vulnerability exists when Outlook [or relevant product] fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images, disclosing the IP address of the targeted system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1230 Microsoft Rating: Important |
Vulnerability Type |
VBScript Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008 |
Details |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1230 |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1231 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1232 Microsoft Rating: Important |
Vulnerability Type |
Media Foundation Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1233 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1234 Microsoft Rating: Important |
Vulnerability Type |
Windows Error Reporting Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1235 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1236 Microsoft Rating: Important |
Vulnerability Type |
Jet Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1237 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1238 Microsoft Rating: Important |
Vulnerability Type |
Media Foundation Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1239 Microsoft Rating: Important |
Vulnerability Type |
Media Foundation Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1241 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation |
Details |
A security feature bypass vulnerability exists when Windows Kernel fails to properly sanitize certain parameters. |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1242 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2019 |
Details |
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all webpages in the affected browser. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1244 Microsoft Rating: Important |
Vulnerability Type |
Connected User Experiences and Telemetry Service Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could cause a system to stop responding. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1246 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1247 Microsoft Rating: Important |
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1251 Microsoft Rating: Important |
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1253 Microsoft Rating: Important |
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1254 Microsoft Rating: Important |
Vulnerability Type |
Windows Modules Installer Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1255 Microsoft Rating: Important |
Vulnerability Type |
Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content. An attacker who successfully exploited this vulnerability could upload restricted file types to an IIS-hosted folder. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1257 Microsoft Rating: Important |
Vulnerability Type |
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1258 Microsoft Rating: Important |
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1259 Microsoft Rating: Important |
Vulnerability Type |
Windows Host Guardian Service Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged. An attacker who successfully exploited the vulnerability could tamper with the log file. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1261 Microsoft Rating: Important |
Vulnerability Type |
Windows Error Reporting Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1262 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1263 Microsoft Rating: Important |
Vulnerability Type |
Windows Error Reporting Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1264 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1265 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1266 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1268 Microsoft Rating: Important |
Vulnerability Type |
Windows Service Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An information disclosure vulnerability exists when a Windows service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1269 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1270 Microsoft Rating: Important |
Vulnerability Type |
Windows WLAN Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1271 Microsoft Rating: Important |
Vulnerability Type |
Windows Backup Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Microsoft Windows 7 for x64-based Microsoft Windows Server 2008 R2 for Itanium-Based Microsoft Windows Server 2008 R2 for x64-based Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1272 Microsoft Rating: Important |
Vulnerability Type |
Windows Installer Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1273 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1274 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1275 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1276 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1277 Microsoft Rating: Important |
Vulnerability Type |
Windows Installer Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1278 Microsoft Rating: Important |
Vulnerability Type |
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1279 Microsoft Rating: Important |
Vulnerability Type |
Windows Lockscreen Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly load spotlight images from a secure location. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1280 Microsoft Rating: Important |
Vulnerability Type |
Windows Bluetooth Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1282 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1283 Microsoft Rating: Important |
Vulnerability Type |
Windows Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1284 Microsoft Rating: Important |
Vulnerability Type |
Windows SMBv3 Client/Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A denial of service vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An authenticated attacker who successfully exploited this vulnerability against an SMB Server could cause the affected system to crash. An unauthenticated attacker could also exploit this this vulnerability against an SMB client and cause the affected system to crash. |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1287 Microsoft Rating: Important |
Vulnerability Type |
Windows WalletService Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1289 Microsoft Rating: Important |
Vulnerability Type |
Microsoft SharePoint Spoofing Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Foundation 2010 Service Pack 2 |
Details |
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1290 Microsoft Rating: Important |
Vulnerability Type |
Win32k Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1291 Microsoft Rating: Important |
Vulnerability Type |
Windows Network Connections Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1292 Microsoft Rating: Important |
Vulnerability Type |
OpenSSH for Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly restrict access to configuration settings. An attacker who successfully exploited this vulnerability could replace the shell with a malicious binary. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1293 Microsoft Rating: Important |
Vulnerability Type |
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1294 Microsoft Rating: Important |
Vulnerability Type |
Windows WalletService Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1295 Microsoft Rating: Important |
Vulnerability Type |
Microsoft SharePoint Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Server 2019 |
Details |
An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1296 Microsoft Rating: Important |
Vulnerability Type |
Windows Diagnostics & feedback Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An information disclosure vulnerability exists in the way Windows Diagnostics & feedback handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1297 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019 |
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1298 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019 |
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1301 Microsoft Rating: Important |
Vulnerability Type |
Windows SMB Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. |
Intrusion Protection System (IPS) Response |
Sig ID: OS Attack: Windows SMB CVE-2020-1301 |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1302 Microsoft Rating: Important |
Vulnerability Type |
Windows Installer Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1304 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1305 Microsoft Rating: Important |
Vulnerability Type |
Windows State Repository Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1306 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1307 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1309 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Store Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1310 Microsoft Rating: Important |
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1703 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1709 (Server Core Installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1311 Microsoft Rating: Important |
Vulnerability Type |
Component Object Model Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when COM client uses special case IIDs. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1312 Microsoft Rating: Important |
Vulnerability Type |
Windows Installer Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1313 Microsoft Rating: Important |
Vulnerability Type |
Windows Update Orchestrator Service Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1314 Microsoft Rating: Important |
Vulnerability Type |
Windows Text Service Framework Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients. An attacker who successfully exploited this vulnerability could run arbitrary code in a privileged process. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1315 Microsoft Rating: Important |
Vulnerability Type |
Internet Explorer Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008 |
Details |
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1316 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1317 Microsoft Rating: Important |
Vulnerability Type |
Group Policy Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1318 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019 |
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1320 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019 |
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1321 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac |
Details |
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1322 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Project Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Project 2010 Service Pack 2 (32-bit editions) Microsoft Project 2010 Service Pack 2 (64-bit editions) Microsoft Project 2013 Service Pack 1 (32-bit editions) Microsoft Project 2013 Service Pack 1 (64-bit editions) Microsoft Project 2016 (32-bit edition) Microsoft Project 2016 (64-bit edition) |
Details |
An information disclosure vulnerability exists when Microsoft Project software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory, potentially containing sensitive information. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1323 Microsoft Rating: Important |
Vulnerability Type |
SharePoint Open Redirect Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019 |
Details |
An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1324 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists Windows Security Health Service when handles certain objects in memory. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1327 Microsoft Rating: Important |
Vulnerability Type |
Team Foundation Server HTML Injection Vulnerability |
Vulnerability Affects |
Azure DevOps Server 2019 Update 1 Azure DevOps Server 2019 Update 1.1 Azure DevOps Server 2019.0.1 |
Details |
A spoofing vulnerability exists in Microsoft Team Foundation Server when it fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive information. An attacker could also redirect the user to a malicious website that could spoof content or the vulnerability could be used as a pivot to chain an attack with other vulnerabilities in web services. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1329 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Bing Search Spoofing Vulnerability |
Vulnerability Affects |
Microsoft Bing Search for Android |
Details |
A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website, when browsed using the app could spoof the URL and serve malicious content. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1331 Microsoft Rating: Important |
Vulnerability Type |
System Center Spoofing Vulnerability |
Vulnerability Affects |
System Center 2016 Operations Manager |
Details |
A spoofing vulnerability exists when System Center does not properly sanitize a specially crafted web request to an affected System Center. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected System Center. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1334 Microsoft Rating: Important |
Vulnerability Type |
Windows Runtime Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1703 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1709 (Server Core Installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation) |
Details |
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1340 Microsoft Rating: Important |
Vulnerability Type |
NuGetGallery Spoofing Vulnerability |
Vulnerability Affects |
NuGetGallery |
Details |
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values. An attacker who successfully exploited the vulnerability could perform cross-site scripting attacks and run scripts in the security context of the user viewing the malicious content. |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2020-1348 Microsoft Rating: Important |
Vulnerability Type |
CVE-2020-1348 Windows GDI Information Disclosure Vulnerability |
Vulnerability Affects |
N/A |
Details |
N/A |
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: Under Review Skeptic: N/A |