Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2020-1047
Description
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerabilities by correcting how Windows Hyper-V handles objects in memory.
Affected products
6cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*range: 10.0.0
Patches
Vulnerability mechanics
References
1- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1047mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.