VDB

CVE-2020-0620

CVE-2020-0620 PUBLISHED CVSS 7.800000190734863 HIGH

An elevation of privilege vulnerability exists when Microsoft Cryptographic Services improperly handles files, aka 'Microsoft Cryptographic Services Elevation of Privilege Vulnerability'.

EPSS 0.37% · 59.2th percentile

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.37%
59.2th percentile

Affected Products

VendorProductVersions
microsoftwindows_server_2019
microsoftwindows_rt_8.1
MicrosoftWindows 10 Version 1909 for ARM64-based Systemsunspecified
MicrosoftWindows10 Version 1803 for ARM64-based Systems, 10 Version 1809 for 32-bit Systems, 10 Version 1809 for ARM64-based Systems
microsoftwindows_8.1
MicrosoftWindows 10 Version 1909 for x64-based Systemsunspecified
MicrosoftWindows 10 Version 1903 for ARM64-based Systemsunspecified
MicrosoftWindows 10 Version 1909 for 32-bit Systemsunspecified
microsoftwindows_101903, 1709, 1809
MicrosoftWindows 10 Version 1903 for 32-bit Systems*
MicrosoftWindows Server2008 for x64-based Systems Service Pack 2 (Core installation), version 1803 (Core Installation), 2019
microsoftwindows_server_2012r2
MicrosoftWindows 10 Version 1903 for x64-based Systemsunspecified
MicrosoftWindows Server, version 1903 (Server Core installation)*
microsoftwindows_server_20161903, 1909, 1803
microsoftwindows_server_2008r2, r2
MicrosoftWindows Server, version 1909 (Server Core installation)unspecified
microsoftwindows_7

Exploit Intelligence

…and 3 more exploits

Timeline

  • May 23, 2014 PoC Published
  • Jan 14, 2020 CVE Published
  • Jan 21, 2020 PoC Published
  • Jun 26, 2020 PoC Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 1, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›