Lucene search
MicrosoftCVE-2020-1142HistoryMay 21, 2020 - 11:15 p.m.
CVE-2020-1142
2020-05-2123:15:16
microsoft
web.nvd.nist.gov
56
cve-2020-1142
elevation of privilege
windows
gdi
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0
Percentile
9.5%
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka âWindows GDI Elevation of Privilege Vulnerabilityâ.
Affected configurations
Node
microsoftwindows_10Match1709
ORmicrosoftwindows_10Match1803
ORmicrosoftwindows_10Match1809
ORmicrosoftwindows_10Match1903
ORmicrosoftwindows_10Match1909
ORmicrosoftwindows_server_2016Match1803
ORmicrosoftwindows_server_2016Match1903
ORmicrosoftwindows_server_2016Match1909
ORmicrosoftwindows_server_2019Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10 | 1709 | cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1803 | cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1809 | cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1903 | cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
| microsoft | windows_10 | 1909 | cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1803 | cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1903 | cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1909 | cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | - | cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Windows",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Windows Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "version 1803 (Core Installation)"
},
{
"status": "affected",
"version": "2019"
},
{
"status": "affected",
"version": "2019 (Core installation)"
}
]
},
{
"product": "Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1909 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]Related
prion
prion
Privilege escalation
2020-05-21 23:15:00
mscve
mscve
Windows GDI Elevation of Privilege Vulnerability
2020-05-12 07:00:00
cvelist
cvelist
CVE-2020-1142
2020-05-21 22:53:22
nvd
nvd
CVE-2020-1142
2020-05-21 23:15:16
mskb
mskb
May 12, 2020âKB4556812 (OS Build 16299.1868)
2020-05-12 07:00:00
May 12, 2020âKB4556807 (OS Build 17134.1488)
2020-05-12 07:00:00
May 12, 2020âKB4551853 (OS Build 17763.1217)
2020-05-12 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4556812)
2020-05-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4556807)
2020-05-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4551853)
2020-05-13 00:00:00
kaspersky
kaspersky
KLA11773 Multiple vulnerabilities in Microsoft Windows
2020-05-12 00:00:00
nessus
nessus
KB4556812: Windows 10 Version 1709 May 2020 Security Update
2020-05-12 00:00:00
KB4556807: Windows 10 Version 1803 May 2020 Security Update
2020-05-12 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0
Percentile
9.5%
Related for CVE-2020-1142