PT-2020-3892 · Microsoft · Windows Common Log File System+1
Icewall
·
Published
2020-09-08
·
Updated
2023-12-31
·
CVE-2020-1115
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Windows Common Log File System (CLFS) (affected versions not specified)
Description:
The issue is related to the improper handling of objects in memory by the Windows Common Log File System (CLFS) driver, which can lead to an elevation of privilege. This could allow an attacker to run processes in an elevated context. To exploit this, an attacker would need to log on to the system and run a specially crafted application. The security update addresses this by correcting how CLFS handles objects in memory.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows Common Log File System