Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-0644: Windows Elevation of Privilege Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2020-0644: Windows Elevation of Privilege Vulnerability

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

01/14/2020

Created

01/15/2020

Added

01/14/2020

Modified

11/18/2021

Description

An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names. An attacker who successfully exploited this vulnerability could run arbitrary code as system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to elevate privileges. The update addresses the vulnerability by correcting how Windows assigns memory to specific processes.

Solution(s)

msft-kb4528760-0765cf38-e093-4e0a-87e8-aee7cc24862f
msft-kb4528760-19558abd-f6b7-4b01-880a-e1ef9790a793
msft-kb4528760-4703ad6d-3338-4e64-8439-c158cb882d76
msft-kb4528760-593cc274-62ca-47f3-ba01-c11d486bd1a9
msft-kb4528760-8fc18280-6925-4bd4-91c1-9c0f69b91e2e
msft-kb4528760-c139f586-b22d-4e85-a769-47af7820a792
msft-kb4534271-46de78a6-89c2-4adc-a827-d55e913ca853
msft-kb4534271-5778b2b9-7a93-4e8d-962f-ba6868611cd6
msft-kb4534271-94964c8f-2416-449c-a80e-207c0399ac6d
msft-kb4534273-1fc77237-e468-44bc-8e45-6e9c71db435f
msft-kb4534273-21037827-2824-4ffc-b51a-e9529f95add9
msft-kb4534273-6d10f5d9-bc82-4742-8ce3-6589ecdae601
msft-kb4534276-4324ac04-5bcf-4bf7-a79e-c68ced90d0e4
msft-kb4534276-a84fe9a9-c446-447d-8830-7dc36dbf31e1
msft-kb4534288-60fdd399-c642-49bd-8045-bcc30dc79d24
msft-kb4534288-8ff25beb-1a46-416e-84c9-6a73282c8d93
msft-kb4534288-d5cd7234-5b00-4787-9f04-57bbffba3f63
msft-kb4534293-0ced42ab-867a-446a-855a-94e08338eee0
msft-kb4534293-1ea91d13-ca0b-4fba-9d4c-a453eb7db8fe
msft-kb4534293-cfac930f-4c55-4444-acbb-66f6812d4b2a
msft-kb4534306-54c34017-623d-43f3-9191-ff2746036ea7
msft-kb4534306-6aa03ae1-4902-47f6-9d4c-eb6cbc3cc413
msft-kb4534309-2ef7ef9a-c4eb-4924-8cb3-f3bbe13a9d50
msft-kb4534309-62ef4743-59c1-442d-8ce7-2cb177a48ec8
msft-kb4534309-accdac07-3c05-4a81-9353-910e6f292023

References

https://attackerkb.com/topics/cve-2020-0644
CVE - 2020-0644
4528760
4534271
4534273
4534276
4534283
4534288
4534293
4534297
4534306
4534309

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-0644: Windows Elevation of Privilege Vulnerability

Microsoft CVE-2020-0644: Windows Elevation of Privilege Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.