Rewterz Threat Advisory – CVE-2020-16851 – OneDrive for Windows Elevation of Privilege Vulnerability
September 9, 2020Rewterz Threat Alert – Malvertising Campaigns Revive With New Delivery Methods
September 10, 2020Rewterz Threat Advisory – CVE-2020-16851 – OneDrive for Windows Elevation of Privilege Vulnerability
September 9, 2020Rewterz Threat Alert – Malvertising Campaigns Revive With New Delivery Methods
September 10, 2020Severity
Medium
Analysis Summary
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
Impact
Information Disclosure
Affected Vendors
Microsoft
Remediation
Refer to Microsoft advisory for the complete list of affected products and their respective patches.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1250