CVE-2020-1263Sensitive Information Exposure in Microsoft Windows

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.4%
top 40.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
15
Microsoft WindowsMicrosoft Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Windows 10 Version 1903 FOR Arm64-based Systems+12 more
Timeline
PublishedJun 9
Latest updateMay 24

Description

An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1261.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages13 packages

CVEListV5microsoft/windows18 versions+17
NVDmicrosoft/windows5 versions+4
NVDmicrosoft/windows_107 versions+6
CVEListV5microsoft/windows_server12 versions+11

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-pp7w-52gw-4c68: An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Inform2022-05-24
CVEList
CVE-2020-1263: An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Inform2020-06-09

📋Vendor Advisories

1
Microsoft
Windows Error Reporting Information Disclosure Vulnerability2020-06-09
CVE-2020-1263 — Sensitive Information Exposure | cvebase