Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2020-1047

Description

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerabilities by correcting how Windows Hyper-V handles objects in memory.

Affected products

Microsoft/Windows Server 2019v5
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
Range: 10.0.0
Microsoft/Windows 10 1909v5
cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
Range: 10.0.0
Microsoft/Windows 10v52 versions
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
Microsoft/Windows 10 1809v5
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
Range: 10.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1047mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000