Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2020-17008 splWOW64 Elevation of Privilege Patch Bypass

Exploited in the Wild
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

This CVE is the result of a patch bypass for CVE-2020-0986, reported to Microsoft by Kaspersky in December 2019 and patched in June 2020. Google Project Zero researcher Maddie Stone notified Microsoft on September 24, 2020 that the fix for Kaspersky’s reported vulnerability was incomplete. CVE-2020-17008 was published on December 23, 2020 as part of Google’s 90-day disclosure deadline.

Notably, CVE-2020-0986 was exploited in the wild as part of Operation PowerFall. Stone’s tweet thread on the incomplete patch is here.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Exploited in the Wild

Reported by:

Additional Info

Technical Analysis