CVE-2020-1538

Sažetak

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how the Windows UPnP Device Host handles memory.

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1538
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1538

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

23-02-2026 - 18:25

Objavljeno

17-08-2020 - 19:15