An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka ‘Windows Update Stack Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1109.
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_10 | Microsoft | 1709 | 1709 |
Windows_10 | Microsoft | 1803 | 1803 |
Windows_10 | Microsoft | 1809 | 1809 |
Windows_10 | Microsoft | 1903 | 1903 |
Windows_10 | Microsoft | 1909 | 1909 |
Windows_server_2019 | Microsoft | - | - |