New Search

Windows Win32k Elevation of Privilege Vulnerability - CVE-2020-1152

oval:org.cisecurity:def:8314

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability an attacker would have to log on to an affected system and run a specially crafted script or application. The update addresses the vulnerability by correcting how Windows handles calls to Win32k.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 10
  • Microsoft Windows Server 2016
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2019
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2012
Class:
vulnerability
Reference(s):
  • CVE-2020-1152
  • MSRC-CVE-2020-1152
  • KB4577048
  • KB4577071
  • KB4577049
  • KB4577015
  • KB4577041
  • KB4577032
  • KB4570333
  • KB4574727
Product(s):