CVE-2020-1393

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows; Windows Server; Windows 10 Version 1909 For 32-bit Systems; Windows 10 Version 1909 For X64-based Systems
Vendor: CVE Published:; 14 July 2020

Summary

An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.

Affected Version(s)

Microsoft Visual Studio 2015 Update 3

Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) = unspecified

Microsoft Visual Studio 2019 16.0

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 14, 2020
Vulnerability Reserved
Nov 4, 2019

Collectors

NVD DatabaseMitre Database