CVE-2020-0834

{"id": "CVE-2020-0834", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-03-12T16:15:17.923", "references": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0834", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0834", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'."}, {"lang": "es", "value": "Existe una vulnerabilidad de elevaci\u00f3n de privilegios cuando Windows maneja inapropiadamente las llamadas a Advanced Local Procedure Call (ALPC). Un atacante que haya explotado con \u00e9xito esta vulnerabilidad podr\u00eda ejecutar c\u00f3digo arbitrario en el contexto de seguridad del sistema local, tambi\u00e9n se conoce como \"Windows ALPC Elevation of Privilege Vulnerability\"."}], "lastModified": "2024-11-21T04:54:18.257", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3"}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB"}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372"}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"}, {"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B921FDB-8E7D-427E-82BE-4432585080CF"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C253A63F-03AB-41CB-A03A-B2674DEA98AA"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}