CVE-2020-1480

Name of the Vulnerable Software and Affected Versions Windows (affected versions not specified)

Description The issue is related to how the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to potentially run arbitrary code in kernel mode. This could enable the attacker to install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this, an attacker would first need to log on to the system and then run a specially crafted application. The vulnerability is associated with errors in processing objects in memory, which can lead to unintended user-mode privilege elevation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.