Windows NDIS
by Microsoft
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8343 | Hig | 0.51 | 7.8 | 0.01 | Aug 15, 2018 | An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server… | ||
| CVE-2020-17069 | 0.00 | — | 0.01 | Nov 11, 2020 | Windows NDIS Information Disclosure Vulnerability | |||
| CVE-2020-0861 | 0.00 | — | 0.01 | Mar 12, 2020 | An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Network Driver Interface… | |||
| CVE-2019-0707 | 0.00 | — | 0.01 | May 16, 2019 | An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially… |
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server…
- CVE-2020-17069Nov 11, 2020risk 0.00cvss —epss 0.01
Windows NDIS Information Disclosure Vulnerability
- CVE-2020-0861Mar 12, 2020risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Network Driver Interface…
- CVE-2019-0707May 16, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially…