Lucene search
Hackyzh and lm0963 of DBAppSecurity Zion LabZDI-20-1000HistoryAug 13, 2020 - 12:00 a.m.
Microsoft Office OfficeClickToRun Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
2020-08-1300:00:00
hackyzh and lm0963 of DBAppSecurity Zion Lab
www.zerodayinitiative.com
18
0.001 Low
EPSS
Percentile
47.5%
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Office. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OfficeClickToRun executable. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM.
Related
cvelist
cvelist
mscve
mscve
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
2020-08-11 07:00:00
nvd
nvd
CVE-2020-1581
2020-08-17 19:15:21
prion
prion
Privilege escalation
2020-08-17 19:15:00
cve
cve
CVE-2020-1581
2020-08-17 19:15:21
nessus
nessus
Security Updates for Microsoft Office Products (August 2020)
2020-08-11 00:00:00
Security Updates for Microsoft Office Products C2R (August 2020)
2022-06-10 00:00:00
openvas
openvas
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Aug 2020)
2020-08-12 00:00:00
kaspersky
kaspersky
KLA11932 Multiple vulnerabilities in Microsoft Office
2020-08-11 00:00:00
avleonov
avleonov