CVE Vulnerabilities

CVE-2020-1556

Published: Aug 17, 2020 | Modified: Jan 19, 2024
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows WalletService properly handles objects in memory.

Affected Software

Name Vendor Start Version End Version
Windows_10 Microsoft - (including) - (including)
Windows_10 Microsoft 1607 (including) 1607 (including)
Windows_10 Microsoft 1709 (including) 1709 (including)
Windows_10 Microsoft 1803 (including) 1803 (including)
Windows_10 Microsoft 1809 (including) 1809 (including)
Windows_10 Microsoft 1903 (including) 1903 (including)
Windows_10 Microsoft 1909 (including) 1909 (including)
Windows_10 Microsoft 2004 (including) 2004 (including)
Windows_server_2016 Microsoft - (including) - (including)
Windows_server_2016 Microsoft 1903 (including) 1903 (including)
Windows_server_2016 Microsoft 1909 (including) 1909 (including)
Windows_server_2016 Microsoft 2004 (including) 2004 (including)
Windows_server_2019 Microsoft - (including) - (including)

References