CVE-2020-1471

High

An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who…

secure@microsoft.com·NVD-CWE-noinfo·Published 2020-09-11

CVSS

7.8

EPSS

0.01

KEV

Exploits

NVDen

457 chars

An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. The security update addresses the vulnerability by checking COM objects.

NVDes

243 chars

Se presenta una vulnerabilidad de escalada de privilegios cuando Microsoft Windows CloudExperienceHost se presenta un fallo al comprobar los objetos COM, también se conoce como "Windows CloudExperienceHost Elevation of Privilege Vulnerability'

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.1	Secondary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H