CVE-2020-0888 — Improper Privilege Management in Microsoft Windows
Severity
7.8HIGHNVD
EPSS
0.3%
top 49.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 15
Latest updateMay 24
Description
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0784.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages10 packages
▶CVEListV5microsoft/windows_server2019, 2019 (Core installation), version 1803 (Core Installation)+2
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-9vxj-q9qf-h6p2: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'↗2022-05-24
CVEList▶
CVE-2020-0888: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'↗2020-04-15
📋Vendor Advisories
1🕵️Threat Intelligence
7Trendmicro▶
April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities↗2020-04-14
Trendmicro▶
April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities↗2020-04-14
Trendmicro▶
April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities↗2020-04-14