Windows Rt 8 1 Microsoft Windows Rt 8 1

stack.watch can email you when security vulnerabilities are reported in Microsoft Windows Rt 8 1. You can add multiple products that you use with Windows Rt 8 1 to create your own personal software stack watcher.

By the Year

In 2021 there have been 54 vulnerabilities in Microsoft Windows Rt 8 1 with an average score of 7.8 out of ten. Last year Windows Rt 8 1 had 429 security vulnerabilities published. Right now, Windows Rt 8 1 is on track to have less security vulnerabilities in 2021 than it did last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.40.

Year Vulnerabilities Average Score
2021 54 7.81
2020 429 7.41
2019 296 7.34
2018 139 6.51

It may take a day or so for new Windows Rt 8 1 vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Microsoft Windows Rt 8 1 Security Vulnerabilities

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1727 7.8 - High - February 25, 2021

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1727 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-24102 7.8 - High - February 25, 2021

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24103.

CVE-2021-24102 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-24077 9.8 - Critical - February 25, 2021

Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1722.

CVE-2021-24077 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Windows Backup Engine Information Disclosure Vulnerability

CVE-2021-24079 5.5 - Medium - February 25, 2021

Windows Backup Engine Information Disclosure Vulnerability

CVE-2021-24079 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows TCP/IP Denial of Service Vulnerability

CVE-2021-24086 7.5 - High - February 25, 2021

Windows TCP/IP Denial of Service Vulnerability

CVE-2021-24086 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1722 9.8 - Critical - February 25, 2021

Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24077.

CVE-2021-1722 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-1726 8 - High - February 25, 2021

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-1726 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-24094 9.8 - Critical - February 25, 2021

Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24074.

CVE-2021-24094 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Windows PKU2U Elevation of Privilege Vulnerability

CVE-2021-25195 7.8 - High - February 25, 2021

Windows PKU2U Elevation of Privilege Vulnerability

CVE-2021-25195 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Address Book Remote Code Execution Vulnerability

CVE-2021-24083 7.8 - High - February 25, 2021

Windows Address Book Remote Code Execution Vulnerability

CVE-2021-24083 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

Microsoft Windows Security Feature Bypass Vulnerability

CVE-2020-17162 8.8 - High - February 25, 2021

Microsoft Windows Security Feature Bypass Vulnerability

CVE-2020-17162 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-24103 7.8 - High - February 25, 2021

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24102.

CVE-2021-24103 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Local Spooler Remote Code Execution Vulnerability

CVE-2021-24088 8.8 - High - February 25, 2021

Windows Local Spooler Remote Code Execution Vulnerability

CVE-2021-24088 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Remote Procedure Call Information Disclosure Vulnerability

CVE-2021-1734 7.5 - High - February 25, 2021

Windows Remote Procedure Call Information Disclosure Vulnerability

CVE-2021-1734 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-24074 9.8 - Critical - February 25, 2021

Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24094.

CVE-2021-24074 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Active Template Library Elevation of Privilege Vulnerability

CVE-2021-1649 7.8 - High - January 12, 2021

Active Template Library Elevation of Privilege Vulnerability

CVE-2021-1649 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1660 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1660 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows (modem.sys) Information Disclosure Vulnerability

CVE-2021-1699 5.5 - Medium - January 12, 2021

Windows (modem.sys) Information Disclosure Vulnerability

CVE-2021-1699 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

CVE-2021-1650 7.8 - High - January 12, 2021

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

CVE-2021-1650 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1666 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1666 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

TPM Device Driver Information Disclosure Vulnerability

CVE-2021-1656 5.5 - Medium - January 12, 2021

TPM Device Driver Information Disclosure Vulnerability

CVE-2021-1656 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1655 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1655 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability

CVE-2021-1674 8.8 - High - January 12, 2021

Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability

CVE-2021-1674 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1700 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701.

CVE-2021-1700 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1664 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1664 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1683 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.

CVE-2021-1683 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1701 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700.

CVE-2021-1701 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Update Stack Elevation of Privilege Vulnerability

CVE-2021-1694 9.8 - Critical - January 12, 2021

Windows Update Stack Elevation of Privilege Vulnerability

CVE-2021-1694 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1652 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1652 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1661 7.8 - High - January 12, 2021

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1661 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1668 7.8 - High - January 12, 2021

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1668 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1693 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688.

CVE-2021-1693 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Fax Compose Form Remote Code Execution Vulnerability

CVE-2021-1657 7.8 - High - January 12, 2021

Windows Fax Compose Form Remote Code Execution Vulnerability

CVE-2021-1657 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

GDI+ Remote Code Execution Vulnerability

CVE-2021-1665 7.8 - High - January 12, 2021

GDI+ Remote Code Execution Vulnerability

CVE-2021-1665 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1667 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1667 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1684 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.

CVE-2021-1684 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

NTLM Security Feature Bypass Vulnerability

CVE-2021-1678 7.5 - High - January 12, 2021

NTLM Security Feature Bypass Vulnerability

CVE-2021-1678 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1671 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1671 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-1710 7.8 - High - January 12, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-1710 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Win32k Elevation of Privilege Vulnerability

CVE-2021-1709 7.8 - High - January 12, 2021

Windows Win32k Elevation of Privilege Vulnerability

CVE-2021-1709 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1688 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693.

CVE-2021-1688 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CryptoAPI Denial of Service Vulnerability

CVE-2021-1679 6.5 - Medium - January 12, 2021

Windows CryptoAPI Denial of Service Vulnerability

CVE-2021-1679 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows LUAFV Elevation of Privilege Vulnerability

CVE-2021-1706 8.8 - High - January 12, 2021

Windows LUAFV Elevation of Privilege Vulnerability

CVE-2021-1706 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1653 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1653 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows DNS Query Information Disclosure Vulnerability

CVE-2021-1637 5.5 - Medium - January 12, 2021

Windows DNS Query Information Disclosure Vulnerability

CVE-2021-1637 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1658 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1658 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1659 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1659 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

CVE-2021-1676 5.5 - Medium - January 12, 2021

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

CVE-2021-1676 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Graphics Component Information Disclosure Vulnerability

CVE-2021-1696 5.5 - Medium - January 12, 2021

Windows Graphics Component Information Disclosure Vulnerability

CVE-2021-1696 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1673 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1673 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

CVE-2021-1702 7.8 - High - January 12, 2021

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

CVE-2021-1702 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1654 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1654 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows GDI+ Information Disclosure Vulnerability

CVE-2021-1708 5.7 - Medium - January 12, 2021

Windows GDI+ Information Disclosure Vulnerability

CVE-2021-1708 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-1695 7.8 - High - January 12, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-1695 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows GDI+ Information Disclosure Vulnerability

CVE-2020-17098 5.5 - Medium - December 10, 2020

Windows GDI+ Information Disclosure Vulnerability

CVE-2020-17098 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2020-17097 7.8 - High - December 10, 2020

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2020-17097 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Network Connections Service Elevation of Privilege Vulnerability

CVE-2020-17092 7.8 - High - December 10, 2020

Windows Network Connections Service Elevation of Privilege Vulnerability

CVE-2020-17092 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows SMB Information Disclosure Vulnerability

CVE-2020-17140 6.5 - Medium - December 10, 2020

Windows SMB Information Disclosure Vulnerability

CVE-2020-17140 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows NTFS Remote Code Execution Vulnerability

CVE-2020-17096 8.8 - High - December 10, 2020

Windows NTFS Remote Code Execution Vulnerability

CVE-2020-17096 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows KernelStream Information Disclosure Vulnerability

CVE-2020-17045 5.5 - Medium - November 11, 2020

Windows KernelStream Information Disclosure Vulnerability

CVE-2020-17045 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows Graphics Component Information Disclosure Vulnerability

CVE-2020-17004 5.5 - Medium - November 11, 2020

Windows Graphics Component Information Disclosure Vulnerability

CVE-2020-17004 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows NDIS Information Disclosure Vulnerability

CVE-2020-17069 5.5 - Medium - November 11, 2020

Windows NDIS Information Disclosure Vulnerability

CVE-2020-17069 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17032 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17032 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2020-17042 8.8 - High - November 11, 2020

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2020-17042 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability

CVE-2020-17024 7.8 - High - November 11, 2020

Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability

CVE-2020-17024 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Function Discovery SSDP Provider Information Disclosure Vulnerability

CVE-2020-17036 5.5 - Medium - November 11, 2020

Windows Function Discovery SSDP Provider Information Disclosure Vulnerability

CVE-2020-17036 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2020-17088 7.8 - High - November 11, 2020

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2020-17088 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows GDI+ Remote Code Execution Vulnerability

CVE-2020-17068 7.8 - High - November 11, 2020

Windows GDI+ Remote Code Execution Vulnerability

CVE-2020-17068 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17055 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044.

CVE-2020-17055 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Network File System Denial of Service Vulnerability

CVE-2020-17047 7.5 - High - November 11, 2020

Windows Network File System Denial of Service Vulnerability

CVE-2020-17047 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17043 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17043 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Desktop Protocol Client Information Disclosure Vulnerability

CVE-2020-17000 5.5 - Medium - November 11, 2020

Remote Desktop Protocol Client Information Disclosure Vulnerability

CVE-2020-17000 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17028 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17028 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17014 7.1 - High - November 11, 2020

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.

CVE-2020-17014 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and availability.

Improper Privilege Management

Windows Port Class Library Elevation of Privilege Vulnerability

CVE-2020-17011 7.8 - High - November 11, 2020

Windows Port Class Library Elevation of Privilege Vulnerability

CVE-2020-17011 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Kernel Local Elevation of Privilege Vulnerability

CVE-2020-17087 7.8 - High - November 11, 2020

Windows Kernel Local Elevation of Privilege Vulnerability

CVE-2020-17087 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17026 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17026 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Print Configuration Elevation of Privilege Vulnerability

CVE-2020-17041 7.8 - High - November 11, 2020

Windows Print Configuration Elevation of Privilege Vulnerability

CVE-2020-17041 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17031 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17031 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Canonical Display Driver Information Disclosure Vulnerability

CVE-2020-17029 5.5 - Medium - November 11, 2020

Windows Canonical Display Driver Information Disclosure Vulnerability

CVE-2020-17029 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17001 7.8 - High - November 11, 2020

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.

CVE-2020-17001 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Network File System Information Disclosure Vulnerability

CVE-2020-17056 5.5 - Medium - November 11, 2020

Windows Network File System Information Disclosure Vulnerability

CVE-2020-17056 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17033 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17033 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Win32k Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17038 7.8 - High - November 11, 2020

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010.

CVE-2020-17038 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Spoofing Vulnerability

CVE-2020-1599 5.5 - Medium - November 11, 2020

Windows Spoofing Vulnerability

CVE-2020-1599 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17034 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17034 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17044 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055.

CVE-2020-17044 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Desktop Protocol Server Information Disclosure Vulnerability

CVE-2020-16997 6.5 - Medium - November 11, 2020

Remote Desktop Protocol Server Information Disclosure Vulnerability

CVE-2020-16997 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17025 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17025 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17027 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17027 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

An information disclosure vulnerability exists in the way

CVE-2020-16914 5.5 - Medium - October 16, 2020

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.

CVE-2020-16914 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

An elevation of privilege vulnerability exists in the way

CVE-2020-16887 7.8 - High - October 16, 2020

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'.

CVE-2020-16887 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation

CVE-2020-16916 7.8 - High - October 16, 2020

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16935.

CVE-2020-16916 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

An elevation of privilege vulnerability exists in the way

CVE-2020-16892 7.8 - High - October 16, 2020

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory., aka 'Windows Image Elevation of Privilege Vulnerability'.

CVE-2020-16892 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges

CVE-2020-16902 7.8 - High - October 16, 2020

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'.

CVE-2020-16902 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests

CVE-2020-16927 7.5 - High - October 16, 2020

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

CVE-2020-16927 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files

CVE-2020-16933 8.8 - High - October 16, 2020

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'.

CVE-2020-16933 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Handling of Exceptional Conditions

An elevation of privilege vulnerability exists when Group Policy improperly checks access

CVE-2020-16939 7.8 - High - October 16, 2020

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.

CVE-2020-16939 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory

CVE-2020-16889 5.5 - Medium - October 16, 2020

An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory, aka 'Windows KernelStream Information Disclosure Vulnerability'.

CVE-2020-16889 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation

CVE-2020-16935 7.8 - High - October 16, 2020

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16916.

CVE-2020-16935 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management