Vulnerability Details CVE-2020-9331
CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation (by local users with the SeChangeNotifyPrivilege right) because user-mode input is mishandled during process creation. An attacker can write arbitrary data to an arbitrary location in the kernel's address space.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6