Published: 2020-02-11

Description:
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka ‘Windows Error Reporting Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0753.

Type:

CWE-269

(Improper Privilege Management)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore

4.6/10

6.4/10

3.9/10

Exploit range
Attack complexity
Authentication

Local

Low

No required

Confidentiality impact
Integrity impact
Availability impact

Partial

Partial

Partial

 References:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0754

closedb();
?>


Copyright 2020, cxsecurity.com

 



Source link

Write a comment:
*

Your email address will not be published.