CVE-2020-1001

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017.

Published at
2020-04-15T15:15Z
1561 days ago
Modified
2021-07-21T11:39Z
1099 days ago
NVD-CWE-noinfo
Problem type

Impact

CVSS v3 vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Severity Score Vector

7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References


URLType
N/A
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1001
N/A

GET https://vulnerabilitydata.com/api/details/CVE-2020-1001

{
	"id": "CVE-2020-1001",
	"published_date": "2020-04-15T15:15Z",
	"last_modified_date": "2021-07-21T11:39Z",
	"assigner": "secure@microsoft.com",
	"description": "An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017.",
	"references": [
		{
			"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1001",
			"name": "N/A",
			"refsource": "N/A",
			"tags": [
				"Patch",
				"Vendor Advisory"
			]
		}
	],
	"impact": {
		"baseMetricV3": {
			"cvssV3": {
				"version": "3.1",
				"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
				"attackVector": "LOCAL",
				"attackComplexity": "LOW",
				"privilegesRequired": "LOW",
				"userInteraction": "NONE",
				"scope": "UNCHANGED",
				"confidentialityImpact": "HIGH",
				"integrityImpact": "HIGH",
				"availabilityImpact": "HIGH",
				"baseScore": 7.8,
				"baseSeverity": "HIGH"
			},
			"exploitabilityScore": 1.8,
			"impactScore": 5.9
		},
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
				"accessVector": "LOCAL",
				"accessComplexity": "LOW",
				"authentication": "NONE",
				"confidentialityImpact": "COMPLETE",
				"integrityImpact": "COMPLETE",
				"availabilityImpact": "COMPLETE",
				"baseScore": 7.2
			},
			"severity": "HIGH",
			"exploitabilityScore": 3.9,
			"impactScore": 10,
			"acInsufInfo": false,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": false
		}
	},
	"problem_type": "NVD-CWE-noinfo"
}