cbcvebase.
CVE-2020-1509
published 2020-08-17

CVE-2020-1509: An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially…

high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the target system's LSASS service. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.

Affected

45 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10_version_1507>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1607>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1709>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1709_for_32-bit_systems>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1803>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1809>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1903_for_32-bit_systems>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1903_for_arm64-based_systems>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1903_for_x64-based_systems>= 10.0.0 < publicationpublication
microsoftwindows_10_version_1909>= 10.0.0 < publicationpublication
microsoftwindows_10_version_2004>= 10.0.0 < publicationpublication
microsoftwindows_8.1>= 6.3.0 < publicationpublication
microsoftwindows_server_2008
microsoftwindows_server_2012
microsoftwindows_server_2012>= 6.2.0 < publicationpublication
microsoftwindows_server_2012_r2>= 6.3.0 < publicationpublication
microsoftwindows_server_2016
microsoftwindows_server_2016