VYPR
Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

Windows Spoofing Vulnerability

CVE-2020-16922

Description

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded. The update addresses the vulnerability by correcting how Windows validates file signatures.

Affected products

14
  • cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*+ 3 more
    • cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*range: 10.0.0
  • cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
    Range: 10.0.0
  • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*+ 1 more
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*range: 10.0.0
  • Microsoft/Windows 7v52 versions
    cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*+ 1 more
    • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*range: 6.1.0
    • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*range: 6.1.0
  • cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
    Range: 6.3.0
  • cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Range: 6.2.0
  • cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Range: 10.0.0
  • cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Range: 10.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.