Vulnerability Details CVE-2020-16901
<p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p>
<p>To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>
<p>The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.</p>
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.6%
CVSS Severity
CVSS v3 Score 5.0
CVSS v2 Score 2.1
References
Products affected by CVE-2020-16901
-
cpe:2.3:o:microsoft:windows_10:1909
-
cpe:2.3:o:microsoft:windows_server_2016:1909