Microsoft Windows 10 Version 2004 vulnerabilities
756 known vulnerabilities affecting microsoft/windows_10_version_2004.
Total CVEs
756
CISA KEV
26
actively exploited
Public exploits
9
Exploited in wild
27
Severity breakdown
CRITICAL23HIGH554MEDIUM177LOW2
Vulnerabilities
Page 35 of 38
CVE-2020-1518HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1518 [HIGH] CVE-2020-1518: An elevation of privilege vulnerability exists when the Windows File Server Resource Management Serv
An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by
nvd
CVE-2020-1534HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1534 [HIGH] CVE-2020-1534: An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles fi
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how
nvd
CVE-2020-1470HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1470 [HIGH] CVE-2020-1470: An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly hand
An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the
nvd
CVE-2020-1543HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1543 [HIGH] CVE-2020-1543: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1541HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1541 [HIGH] CVE-2020-1541: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1540HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1540 [HIGH] CVE-2020-1540: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1492HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1492 [HIGH] CWE-787 CVE-2020-1492: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1531HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1531 [HIGH] CVE-2020-1531: An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles
An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Wind
nvd
CVE-2020-1477HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1477 [HIGH] CWE-787 CVE-2020-1477: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1536HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1536 [HIGH] CVE-2020-1536: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1475HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1475 [HIGH] CVE-2020-1475: An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in mem
An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability b
nvd
CVE-2020-1542HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1542 [HIGH] CVE-2020-1542: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1571HIGHCVSS 7.8vN/A2020-08-17
CVE-2020-1571 [HIGH] CWE-276 CVE-2020-1571: An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions.
A
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions.
A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
nvd
CVE-2020-1554HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1554 [HIGH] CWE-787 CVE-2020-1554: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1549HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1549 [HIGH] CVE-2020-1549: An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handl
An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the W
nvd
CVE-2020-1513HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1513 [HIGH] CVE-2020-1513: An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memor
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows
nvd
CVE-2020-1478HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1478 [HIGH] CWE-787 CVE-2020-1478: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1522HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1522 [HIGH] CVE-2020-1522: An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles me
An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windo
nvd
CVE-2020-1546HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1546 [HIGH] CVE-2020-1546: An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles mem
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Window
nvd
CVE-2020-1417HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1417 [HIGH] CVE-2020-1417: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, a
nvd