Microsoft: >> Windows Server 2016 >> 20h2 Security Vulnerabilities
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key
CVSS Score
5.0
EPSS Score
0.021
Published
2021-01-12
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.007
Published
2021-01-12
Windows CSC Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-01-12
Windows CSC Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-01-12
Windows CSC Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-01-12
Windows CSC Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-01-12
TPM Device Driver Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.025
Published
2021-01-12
Windows Fax Compose Form Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.005
Published
2021-01-12
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.035
Published
2021-01-12
Windows CSC Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2021-01-12