CVE-2020-1352

CWE-269Improper Privilege ManagementCWE-736 documents6 sources
Severity
7.8HIGH
EPSS
0.4%
top 42.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
Microsoft WindowsMicrosoft Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Windows 10 Version 1903 FOR Arm64-based Systems+10 more
Timeline
PublishedJul 14
Latest updateMay 24

Description

An elevation of privilege vulnerability exists when the Windows USO Core Worker improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows USO Core Worker Elevation of Privilege Vulnerability'.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages13 packages

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-crqp-mv88-vcm6: An elevation of privilege vulnerability exists when the Windows USO Core Worker improperly handles memory2022-05-24
CVEList
CVE-2020-1352: An elevation of privilege vulnerability exists when the Windows USO Core Worker improperly handles memory2020-07-14

📋Vendor Advisories

2
Microsoft
Windows USO Core Worker Elevation of Privilege Vulnerability2020-07-14
Red Hat
libgit2: files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams2019-09-18

💬Community

1
Bugzilla
CVE-2020-12278 libgit2: files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams2020-04-29
CVE-2020-1352 (HIGH CVSS 7.8) | An elevation of privilege vulnerabi | cvebase.io