PT-2020-3714 · Microsoft · Office Click-To-Run
Published
2020-08-11
·
Updated
2024-01-19
·
CVE-2020-1581
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Microsoft Office Click-to-Run (C2R) (affected versions not specified)
Description:
An elevation of privilege issue exists due to the way Microsoft Office Click-to-Run (C2R) components handle objects in memory. This could allow an attacker to elevate privileges if they can execute code on the system. The attacker could exploit this by running a specially crafted application on the victim system.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Office Click-To-Run