Vulnerability Details CVE-2020-1391
An information disclosure vulnerability exists when the Windows Agent Activation Runtime (AarSvc) fails to properly handle objects in memory, aka 'Windows Agent Activation Runtime Information Disclosure Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.4%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
Products affected by CVE-2020-1391
-
cpe:2.3:o:microsoft:windows_10:1903
-
cpe:2.3:o:microsoft:windows_10:1909
-
cpe:2.3:o:microsoft:windows_10:2004
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004