CVE-2020-0778
published 2020-03-12CVE-2020-0778: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0802, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845.
Affected
63 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1903_for_32-bit_systems | — | — |
GHSA
GHSA-w7jg-g9cc-qhxv: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2020-0802 [HIGH] CWE-269 GHSA-w7jg-g9cc-qhxv: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845.
GHSA
GHSA-cfwj-6rgc-5gvv: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2020-0803 [HIGH] CWE-269 GHSA-cfwj-6rgc-5gvv: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0804, CVE-2020-0845.
GHSA
GHSA-3w96-2pj9-mfjc: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2020-0778 [HIGH] CWE-269 GHSA-3w96-2pj9-mfjc: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0802, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845.
GHSA
GHSA-m3wp-5mqq-9c8p: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2020-0804 [HIGH] CWE-269 GHSA-m3wp-5mqq-9c8p: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0845.
GHSA
GHSA-87wf-5vgr-ppx6: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2020-0845 [HIGH] CWE-269 GHSA-87wf-5vgr-ppx6: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804.
Microsoft
Windows Network Connections Service Elevation of Privilege Vulnerability
vendor_msrc·2020-03-10·CVSS 7.0
CVE-2020-0778 [HIGH] Windows Network Connections Service Elevation of Privilege Vulnerability
Windows Network Connections Service Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability by ensuring the Windows Network Connections Service properly handles objects in memory.
Microsoft Windows: Microsoft Windows
Issuing CNA: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Li
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-03-10·CVSS 8.8
CVE-2020-0796 [HIGH] Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw and Vitor Ventura.
Update (March 12, 2020): Microsoft released an out-of-band patch for CVE-2020-0796, a code execution vulnerability SMB client and server for Windows. An unauthenticated attacker could exploit this vulnerability to execute remote code. Snort rules 53425 - 53428 protect against exploitation of CVE-2020-0796.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 117 vulnerabilities, 25 of which are considered critical. There is also one moderate vulnerability and 91 that are considered important.
This month's patches include updates to Microsoft Media Foundation, the GDI+ API and Windows Defender, among others.
Talos released a new
Talos
Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-03-10·CVSS 8.8
CVE-2020-0796 [HIGH] Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
## Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw and Vitor Ventura.
Update (March 12, 2020): Microsoft released an out-of-band patch for CVE-2020-0796, a code execution vulnerability SMB client and server for Windows. An unauthenticated attacker could exploit this vulnerability to execute remote code. Snort rules 53425 - 53428 protect against exploitation of CVE-2020-0796.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 117 vulnerabilities, 25 of which are considered critical. There is also one moderate vulnerability and 91 that are considered important.
This month's patches include updates to Microsoft M
2020-03-12
Published