CVE-2020-16913

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)

Description: An elevation of privilege issue exists due to the Windows kernel-mode driver's failure to properly handle objects in memory. This could allow an attacker to run arbitrary code in kernel mode, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this, an attacker must first log on to the system and then run a specially crafted application. The issue is addressed by correcting how the Windows kernel-mode driver handles objects in memory.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269CWE-119

Related Identifiers

BDU:2020-04807

BDU:2020-05457

CVE-2020-16913

Affected Products

Windows

CVE-2020-16913

Weakness Enumeration

Related Identifiers

Affected Products

References · 9