Vulnerability Details CVE-2020-0986
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.239
EPSS Ranking 95.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
Proposed Action
Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.
Ransomware Campaign
Unknown
References
- http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986
- http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986
Products affected by CVE-2020-0986
-
cpe:2.3:o:microsoft:windows_10_1507:-
-
cpe:2.3:o:microsoft:windows_10_1607:-
-
cpe:2.3:o:microsoft:windows_10_1709:-
-
cpe:2.3:o:microsoft:windows_10_1803:-
-
cpe:2.3:o:microsoft:windows_10_1809:-
-
cpe:2.3:o:microsoft:windows_10_1903:-
-
cpe:2.3:o:microsoft:windows_10_1909:-
-
cpe:2.3:o:microsoft:windows_10_2004:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_1803:-
-
cpe:2.3:o:microsoft:windows_server_1903:-
-
cpe:2.3:o:microsoft:windows_server_1909:-
-
cpe:2.3:o:microsoft:windows_server_2004:-
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2019:-