An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-16907.
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Windows_10 | Microsoft | 1709 | 1709 |
Windows_10 | Microsoft | 1803 | 1803 |
Windows_10 | Microsoft | 1809 | 1809 |
Windows_10 | Microsoft | 1903 | 1903 |
Windows_10 | Microsoft | 1909 | 1909 |
Windows_10 | Microsoft | 2004 | 2004 |
Windows_server_2016 | Microsoft | 1903 | 1903 |
Windows_server_2016 | Microsoft | 1909 | 1909 |
Windows_server_2016 | Microsoft | 2004 | 2004 |
Windows_server_2019 | Microsoft | - | - |