Show filters
14 Total Results
Displaying 11-14 of 14
Sort by:
Attacker Value
Unknown
CVE-2020-1307
Disclosure Date: June 09, 2020 (last updated November 28, 2024)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1316.
0
Attacker Value
Unknown
CVE-2020-1276
Disclosure Date: June 09, 2020 (last updated November 28, 2024)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1307, CVE-2020-1316.
0
Attacker Value
Unknown
CVE-2020-1246
Disclosure Date: June 09, 2020 (last updated November 28, 2024)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
0
Attacker Value
Unknown
CVE-2020-17008 splWOW64 Elevation of Privilege Patch Bypass
Last updated December 30, 2020
This CVE is the result of a patch bypass for CVE-2020-0986, reported to Microsoft by Kaspersky in December 2019 and patched in June 2020. Google Project Zero researcher Maddie Stone notified Microsoft on September 24, 2020 that the fix for Kaspersky's reported vulnerability was incomplete. CVE-2020-17008 was [published on December 23, 2020](https://bugs.chromium.org/p/project-zero/issues/detail?id=2096) as part of Google's 90-day disclosure deadline.
Notably, CVE-2020-0986 was exploited in the wild as part of [Operation PowerFall](https://securelist.com/operation-powerfall-cve-2020-0986-and-variants/98329/). Stone's tweet thread on the incomplete patch [is here](https://twitter.com/maddiestone/status/1341781307508969473).
0