CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-1459

An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a specially crafted application. The security update addresses the vulnerability by bypassing the speculative execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.061

EPSS Ranking 90.4%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 2.1

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1459
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1459

Products affected by CVE-2020-1459

Microsoft » Windows 10 » Version: 1809

cpe:2.3:o:microsoft:windows_10:1809
Microsoft » Windows 10 » Version: 1903

cpe:2.3:o:microsoft:windows_10:1903
Microsoft » Windows 10 » Version: 1909

cpe:2.3:o:microsoft:windows_10:1909
Microsoft » Windows 10 » Version: 2004

cpe:2.3:o:microsoft:windows_10:2004

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-1459

Products

Pricing

Contact Us