CVE-2020-1188 — Improper Privilege Management in Microsoft Windows
Severity
7.8HIGHNVD
CISA9.8
EPSS
0.3%
top 48.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 21
Latest updateMay 24
Description
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages10 packages
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-xmgp-m2m3-m8g4: An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repo↗2022-05-24
CVEList▶
CVE-2020-1188: An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repo↗2020-05-21