TROYANOSYVIRUS
Volver a CVEs

CVE-2020-0986

HIGHCISA KEV
7.8

Descripcion

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.

Detalles CVE

Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado6/9/2020
Ultima modificacion10/29/2025
Fuentekev
Avistamientos honeypot0

CISA KEV

VendedorMicrosoft
ProductoWindows
Nombre vulnerabilidadMicrosoft Windows Kernel Privilege Escalation Vulnerability
Fecha inclusion KEV2021-11-03
Fecha limite remediacion2022-05-03
Uso en ransomwareUnknown

Productos afectados

microsoft:windows_10_1507microsoft:windows_10_1607microsoft:windows_10_1709microsoft:windows_10_1803microsoft:windows_10_1809microsoft:windows_10_1903microsoft:windows_10_1909microsoft:windows_10_2004microsoft:windows_8.1microsoft:windows_rt_8.1microsoft:windows_server_1803microsoft:windows_server_1903microsoft:windows_server_1909microsoft:windows_server_2004microsoft:windows_server_2012microsoft:windows_server_2016microsoft:windows_server_2019

Debilidades (CWE)

CWE-787CWE-787

Referencias

http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html(secure@microsoft.com)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986(secure@microsoft.com)
http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0986(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.