CVE-2020-1506

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)

Description: The issue is related to insecure privilege management in the WinINet API component of the Windows operating system. Exploitation of this issue could allow a remote attacker to elevate their privileges and execute arbitrary code. An attacker could exploit the vulnerability through various means, including hosting a specially crafted website or providing a specially crafted document file. The attacker would need to convince a user to view the website or open the document file. The vulnerability is related to the way Wininit.dll handles objects in memory.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.