THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2020-1489

Windows CSC Service Elevation of Privilege Vulnerability

Reserved:2019-11-04
Published:2020-08-17
Updated:2024-06-10

Description

An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how the Windows CSC Service handles memory.



HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Problem types

Elevation of Privilege

Product status

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

10.0.0 before publication
affected

6.1.0 before publication
affected

6.1.0 before publication
affected

6.3.0 before publication
affected

6.0.0 before publication
affected

6.0.0 before publication
affected

6.0.0 before publication
affected

6.1.0 before publication
affected

6.0.0 before publication
affected

6.2.0 before publication
affected

6.2.0 before publication
affected

6.3.0 before publication
affected

6.3.0 before publication
affected

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1489

cve.org CVE-2020-1489

nvd.nist.gov CVE-2020-1489

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2020-1489