VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 11, 2020· Updated Aug 4, 2024

Windows DHCP Server Information Disclosure Vulnerability

CVE-2020-1031

Description

<p>An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory.</p> <p>To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>The security update addresses the vulnerability by correcting how DHCP servers initializes memory.</p>

Affected products

13
  • Microsoft/Windows 10 1809v52 versions
    cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*+ 1 more
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*range: 10.0.0
  • Microsoft/Windows Server 2019v5
    cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Range: 10.0.0
  • Microsoft/Windows 10 1909v5
    cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
    Range: 10.0.0
  • Microsoft/Windows 10v52 versions
    cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
  • Microsoft/Windows 10 1507v5
    cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
    Range: 10.0.0
  • Microsoft/Windows 10 1607v5
    cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
    Range: 10.0.0
  • Microsoft/Windows Server 2016v5
    cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Range: 10.0.0
  • Microsoft/Windows 7v52 versions
    cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*+ 1 more
    • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*range: 6.1.0
    • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*range: 6.1.0
  • Microsoft/Windows 8.1v5
    cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
    Range: 6.3.0
  • Microsoft/Windows Server 2012v5
    cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Range: 6.2.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.