Show filters
14 Total Results
Displaying 11-14 of 14
Sort by:
Attacker Value
Unknown

CVE-2020-1307

Disclosure Date: June 09, 2020 (last updated October 06, 2023)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1316.
Attacker Value
Unknown

CVE-2020-1276

Disclosure Date: June 09, 2020 (last updated October 06, 2023)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1307, CVE-2020-1316.
Attacker Value
Unknown

CVE-2020-1246

Disclosure Date: June 09, 2020 (last updated October 06, 2023)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
Attacker Value
Unknown
This CVE is the result of a patch bypass for CVE-2020-0986, reported to Microsoft by Kaspersky in December 2019 and patched in June 2020. Google Project Zero researcher Maddie Stone notified Microsoft on September 24, 2020 that the fix for Kaspersky's reported vulnerability was incomplete. CVE-2020-17008 was [published on December 23, 2020](https://bugs.chromium.org/p/project-zero/issues/detail?id=2096) as part of Google's 90-day disclosure deadline. Notably, CVE-2020-0986 was exploited in the wild as part of [Operation PowerFall](https://securelist.com/operation-powerfall-cve-2020-0986-and-variants/98329/). Stone's tweet thread on the incomplete patch [is here](https://twitter.com/maddiestone/status/1341781307508969473).
0