Unrated severityNVD Advisory· Published Sep 11, 2020· Updated Aug 4, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-1115
Description
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory.
Affected products
14cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*+ 3 more
- cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*range: 10.0.0
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*+ 1 more
- cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*Range: 6.2.0
Patches
Vulnerability mechanics
References
1- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1115mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.