Microsoft Windows 10 Version 1803 vulnerabilities
551 known vulnerabilities affecting microsoft/windows_10_version_1803.
Total CVEs
551
CISA KEV
6
actively exploited
Public exploits
17
Exploited in wild
9
Severity breakdown
CRITICAL16HIGH396MEDIUM138LOW1
Vulnerabilities
Page 20 of 28
CVE-2020-1479HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1479 [HIGH] CVE-2020-1479: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would
nvd
CVE-2020-1553HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1553 [HIGH] CVE-2020-1553: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects i
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.
An attacker could exploit this vulnerability by running a specially crafted application on the victim system.
The update addresses the vulnerabili
nvd
CVE-2020-1534HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1534 [HIGH] CVE-2020-1534: An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles fi
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how
nvd
CVE-2020-1470HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1470 [HIGH] CVE-2020-1470: An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly hand
An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the
nvd
CVE-2020-1543HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1543 [HIGH] CVE-2020-1543: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1541HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1541 [HIGH] CVE-2020-1541: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1540HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1540 [HIGH] CVE-2020-1540: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1492HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1492 [HIGH] CWE-787 CVE-2020-1492: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1531HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1531 [HIGH] CVE-2020-1531: An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles
An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Wind
nvd
CVE-2020-1477HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1477 [HIGH] CWE-787 CVE-2020-1477: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1536HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1536 [HIGH] CVE-2020-1536: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1542HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1542 [HIGH] CVE-2020-1542: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1571HIGHCVSS 7.8vN/A2020-08-17
CVE-2020-1571 [HIGH] CWE-276 CVE-2020-1571: An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions.
A
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions.
A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
nvd
CVE-2020-1554HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1554 [HIGH] CWE-787 CVE-2020-1554: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1549HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1549 [HIGH] CVE-2020-1549: An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handl
An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the W
nvd
CVE-2020-1513HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1513 [HIGH] CVE-2020-1513: An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memor
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows
nvd
CVE-2020-1478HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1478 [HIGH] CWE-787 CVE-2020-1478: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1522HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1522 [HIGH] CVE-2020-1522: An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles me
An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windo
nvd
CVE-2020-1546HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1546 [HIGH] CVE-2020-1546: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1417HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1417 [HIGH] CVE-2020-1417: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, a
nvd