CVE-2020-1590

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)

Description: The issue is related to an elevation of privilege vulnerability in the Connected User Experiences and Telemetry Service of Windows operating systems. This vulnerability is caused by improper handling of file operations, which can lead to a buffer overflow in memory. An attacker who successfully exploits this vulnerability could gain elevated privileges on the victim system by running a specially crafted application. The attacker would first need to gain execution on the victim system.

Recommendations: To resolve the issue, apply the security update that corrects how the Connected User Experiences and Telemetry Service handles file operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.