CVE Vulnerabilities

CVE-2020-1393

Published: Jul 14, 2020 | Modified: Jul 21, 2021
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka Windows Diagnostics Hub Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-1418.

Affected Software

Name Vendor Start Version End Version
Visual_studio Microsoft 2015-update_3 (including) 2015-update_3 (including)
Visual_studio_2017 Microsoft 15.0 (including) 15.9.25 (excluding)
Visual_studio_2019 Microsoft 16.0 (including) 16.4.11 (excluding)
Visual_studio_2019 Microsoft 16.5.0 (including) 16.6.4 (excluding)
Windows_10 Microsoft - (including) - (including)
Windows_10 Microsoft 1607 (including) 1607 (including)
Windows_10 Microsoft 1709 (including) 1709 (including)
Windows_10 Microsoft 1803 (including) 1803 (including)
Windows_10 Microsoft 1809 (including) 1809 (including)
Windows_10 Microsoft 1903 (including) 1903 (including)
Windows_10 Microsoft 1909 (including) 1909 (including)
Windows_10 Microsoft 2004 (including) 2004 (including)
Windows_server_2016 Microsoft - (including) - (including)
Windows_server_2016 Microsoft 1903 (including) 1903 (including)
Windows_server_2016 Microsoft 1909 (including) 1909 (including)
Windows_server_2016 Microsoft 2004 (including) 2004 (including)
Windows_server_2019 Microsoft - (including) - (including)

References