New Search

Windows Elevation of Privilege Vulnerability - CVE-2020-1324

oval:org.cisecurity:def:7756

An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory. To exploit the vulnerability an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability to elevate privileges. The update addresses the vulnerability by correcting how Windows Security Health Service handles certain objects in memory.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 10
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2020-1324
  • MSRC-CVE-2020-1324
  • KB4561602
  • KB4561621
  • KB4561608
  • KB4560960
Product(s):