| Assigner | microsoft |
| Reserved | 2019-11-04 |
| Published | 2020-08-17 |
| Updated | 2024-06-10 |
Description
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how the Windows CSC Service handles memory.
| HIGH: 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Problem types
Elevation of Privilege
Product status
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
10.0.0 before publication
affected
6.1.0 before publication
affected
6.1.0 before publication
affected
6.3.0 before publication
affected
6.0.0 before publication
affected
6.0.0 before publication
affected
6.0.0 before publication
affected
6.1.0 before publication
affected
6.0.0 before publication
affected
6.2.0 before publication
affected
6.2.0 before publication
affected
6.3.0 before publication
affected
6.3.0 before publication
affected
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1489
cve.org CVE-2020-1489
nvd.nist.gov CVE-2020-1489
Download JSON
