Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2020-1066

UNKNOWN
Published 2020-05-21T22:52:55
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2020-1066. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Microsoft

Microsoft .NET Framework 3.0

Affected Versions:

Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2
Microsoft

Microsoft .NET Framework 3.5.1

Affected Versions:

Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-jp98-j3r8-w99v

Advisory Details

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-1066
WEB https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1066

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: April 4, 2024

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1066
Published: 2020-05-21T22:52:55
Last Modified: 2024-08-04T06:25:00.865Z
Copied to clipboard!