Microsoft: >> Windows 10 20h2 Security Vulnerabilities
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-02-28
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
CVSS Score
5.5
EPSS Score
0.002
Published
2023-02-28
CVE-2023-21823
Windows Graphics Component Remote Code Execution Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.032
Published
2023-02-14
.NET and Visual Studio Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.014
Published
2023-02-14
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.033
Published
2023-02-14
Windows Secure Channel Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.034
Published
2023-02-14
Windows Active Directory Domain Services API Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.049
Published
2023-02-14
Windows Kerberos Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.007
Published
2023-02-14
Windows Secure Channel Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.276
Published
2023-02-14
Windows Secure Channel Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.372
Published
2023-02-14