Medium
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
Information Disclosure
Microsoft
Refer to Microsoft advisory for the complete list of affected products and their respective patches.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1250