Windows Server 2016 Microsoft Windows Server 2016

  1. Vendors
  2. Microsoft
  3. Windows Server 2016
stack.watch can email you when security vulnerabilities are reported in Microsoft Windows Server 2016. You can add multiple products that you use with Windows Server 2016 to create your own personal software stack watcher.

By the Year

In 2021 there have been 59 vulnerabilities in Microsoft Windows Server 2016 with an average score of 7.5 out of ten. Last year Windows Server 2016 had 790 security vulnerabilities published. Right now, Windows Server 2016 is on track to have less security vulnerabilities in 2021 than it did last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.06.

Year Vulnerabilities Average Score
2021 59 7.50
2020 790 7.44
2019 443 7.35
2018 242 6.56

It may take a day or so for new Windows Server 2016 vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Microsoft Windows Server 2016 Security Vulnerabilities

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1660 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1660 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-1682 7.8 - High - January 12, 2021

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-1682 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability

CVE-2021-1674 8.8 - High - January 12, 2021

Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability

CVE-2021-1674 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique

CVE-2021-1670 5.5 - Medium - January 12, 2021

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1663, CVE-2021-1672.

CVE-2021-1670 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Desktop Security Feature Bypass Vulnerability

CVE-2021-1669 8.8 - High - January 12, 2021

Windows Remote Desktop Security Feature Bypass Vulnerability

CVE-2021-1669 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

AuthZ

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1666 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1666 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows InstallService Elevation of Privilege Vulnerability

CVE-2021-1697 7.8 - High - January 12, 2021

Windows InstallService Elevation of Privilege Vulnerability

CVE-2021-1697 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Hyper-V Denial of Service Vulnerability This CVE ID is unique

CVE-2021-1692 7.7 - High - January 12, 2021

Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1691.

CVE-2021-1692 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 3.1 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows (modem.sys) Information Disclosure Vulnerability

CVE-2021-1699 5.5 - Medium - January 12, 2021

Windows (modem.sys) Information Disclosure Vulnerability

CVE-2021-1699 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows WLAN Service Elevation of Privilege Vulnerability

CVE-2021-1646 7.8 - High - January 12, 2021

Windows WLAN Service Elevation of Privilege Vulnerability

CVE-2021-1646 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1658 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1658 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique

CVE-2021-1663 5.5 - Medium - January 12, 2021

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1670, CVE-2021-1672.

CVE-2021-1663 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Microsoft splwow64 Elevation of Privilege Vulnerability

CVE-2021-1648 7.8 - High - January 12, 2021

Microsoft splwow64 Elevation of Privilege Vulnerability

CVE-2021-1648 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1688 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693.

CVE-2021-1688 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Fax Compose Form Remote Code Execution Vulnerability

CVE-2021-1657 7.8 - High - January 12, 2021

Windows Fax Compose Form Remote Code Execution Vulnerability

CVE-2021-1657 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows LUAFV Elevation of Privilege Vulnerability

CVE-2021-1706 8.8 - High - January 12, 2021

Windows LUAFV Elevation of Privilege Vulnerability

CVE-2021-1706 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-1710 7.8 - High - January 12, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-1710 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

GDI+ Remote Code Execution Vulnerability

CVE-2021-1665 7.8 - High - January 12, 2021

GDI+ Remote Code Execution Vulnerability

CVE-2021-1665 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1673 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1673 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1701 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700.

CVE-2021-1701 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1653 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1653 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Hyper-V Denial of Service Vulnerability This CVE ID is unique

CVE-2021-1691 7.7 - High - January 12, 2021

Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1692.

CVE-2021-1691 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 3.1 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1638 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE-2021-1684.

CVE-2021-1638 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

AuthZ

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1651 7.8 - High - January 12, 2021

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1680.

CVE-2021-1651 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Docker Information Disclosure Vulnerability

CVE-2021-1645 5.5 - Medium - January 12, 2021

Windows Docker Information Disclosure Vulnerability

CVE-2021-1645 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-1662 7.8 - High - January 12, 2021

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-1662 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1671 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1671 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1664 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1664 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1680 7.8 - High - January 12, 2021

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1651.

CVE-2021-1680 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Active Template Library Elevation of Privilege Vulnerability

CVE-2021-1649 7.8 - High - January 12, 2021

Active Template Library Elevation of Privilege Vulnerability

CVE-2021-1649 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

CVE-2021-1650 7.8 - High - January 12, 2021

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

CVE-2021-1650 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1683 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.

CVE-2021-1683 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows DNS Query Information Disclosure Vulnerability

CVE-2021-1637 5.5 - Medium - January 12, 2021

Windows DNS Query Information Disclosure Vulnerability

CVE-2021-1637 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1642 7.8 - High - January 12, 2021

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1685.

CVE-2021-1642 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1684 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.

CVE-2021-1684 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

CVE-2021-1676 5.5 - Medium - January 12, 2021

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

CVE-2021-1676 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CryptoAPI Denial of Service Vulnerability

CVE-2021-1679 6.5 - Medium - January 12, 2021

Windows CryptoAPI Denial of Service Vulnerability

CVE-2021-1679 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows Event Logging Service Elevation of Privilege Vulnerability

CVE-2021-1703 7.8 - High - January 12, 2021

Windows Event Logging Service Elevation of Privilege Vulnerability

CVE-2021-1703 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2021-1704 7.8 - High - January 12, 2021

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2021-1704 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Win32k Elevation of Privilege Vulnerability

CVE-2021-1709 7.8 - High - January 12, 2021

Windows Win32k Elevation of Privilege Vulnerability

CVE-2021-1709 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1685 7.8 - High - January 12, 2021

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1642.

CVE-2021-1685 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Graphics Component Information Disclosure Vulnerability

CVE-2021-1696 5.5 - Medium - January 12, 2021

Windows Graphics Component Information Disclosure Vulnerability

CVE-2021-1696 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1667 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1667 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1700 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701.

CVE-2021-1700 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

CVE-2021-1702 7.8 - High - January 12, 2021

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

CVE-2021-1702 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Update Stack Elevation of Privilege Vulnerability

CVE-2021-1694 9.8 - Critical - January 12, 2021

Windows Update Stack Elevation of Privilege Vulnerability

CVE-2021-1694 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1652 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1652 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1668 7.8 - High - January 12, 2021

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1668 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

TPM Device Driver Information Disclosure Vulnerability

CVE-2021-1656 5.5 - Medium - January 12, 2021

TPM Device Driver Information Disclosure Vulnerability

CVE-2021-1656 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1655 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1655 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Multipoint Management Elevation of Privilege Vulnerability

CVE-2021-1689 7.8 - High - January 12, 2021

Windows Multipoint Management Elevation of Privilege Vulnerability

CVE-2021-1689 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

NTLM Security Feature Bypass Vulnerability

CVE-2021-1678 7.5 - High - January 12, 2021

NTLM Security Feature Bypass Vulnerability

CVE-2021-1678 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows GDI+ Information Disclosure Vulnerability

CVE-2021-1708 5.7 - Medium - January 12, 2021

Windows GDI+ Information Disclosure Vulnerability

CVE-2021-1708 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1693 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688.

CVE-2021-1693 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-1695 7.8 - High - January 12, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-1695 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1661 7.8 - High - January 12, 2021

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1661 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique

CVE-2021-1672 5.5 - Medium - January 12, 2021

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1663, CVE-2021-1670.

CVE-2021-1672 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1654 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1654 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1659 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1659 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16961 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16961 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16960 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16960 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16962 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16962 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows NTFS Remote Code Execution Vulnerability

CVE-2020-17096 8.8 - High - December 10, 2020

Windows NTFS Remote Code Execution Vulnerability

CVE-2020-17096 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows SMB Information Disclosure Vulnerability

CVE-2020-17140 6.5 - Medium - December 10, 2020

Windows SMB Information Disclosure Vulnerability

CVE-2020-17140 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16963 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16964.

CVE-2020-16963 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Kerberos Security Feature Bypass Vulnerability

CVE-2020-16996 6.5 - Medium - December 10, 2020

Kerberos Security Feature Bypass Vulnerability

CVE-2020-16996 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Windows Network Connections Service Elevation of Privilege Vulnerability

CVE-2020-17092 7.8 - High - December 10, 2020

Windows Network Connections Service Elevation of Privilege Vulnerability

CVE-2020-17092 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17134 7.8 - High - December 10, 2020

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17103, CVE-2020-17136.

CVE-2020-17134 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17136 7.8 - High - December 10, 2020

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17103, CVE-2020-17134.

CVE-2020-17136 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Overlay Filter Security Feature Bypass Vulnerability

CVE-2020-17139 7.8 - High - December 10, 2020

Windows Overlay Filter Security Feature Bypass Vulnerability

CVE-2020-17139 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique

CVE-2020-17138 5.5 - Medium - December 10, 2020

Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17094.

CVE-2020-17138 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

DirectX Graphics Kernel Elevation of Privilege Vulnerability

CVE-2020-17137 7.8 - High - December 10, 2020

DirectX Graphics Kernel Elevation of Privilege Vulnerability

CVE-2020-17137 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Lock Screen Security Feature Bypass Vulnerability

CVE-2020-17099 6.8 - Medium - December 10, 2020

Windows Lock Screen Security Feature Bypass Vulnerability

CVE-2020-17099 can be explotited with physical access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.9 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique

CVE-2020-17094 5.5 - Medium - December 10, 2020

Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17138.

CVE-2020-17094 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17103 7.8 - High - December 10, 2020

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17134, CVE-2020-17136.

CVE-2020-17103 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2020-17097 7.8 - High - December 10, 2020

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2020-17097 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Hyper-V Remote Code Execution Vulnerability

CVE-2020-17095 9.9 - Critical - December 10, 2020

Hyper-V Remote Code Execution Vulnerability

CVE-2020-17095 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 3.1 out of four. The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16959 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16959 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16958 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16958 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows GDI+ Information Disclosure Vulnerability

CVE-2020-17098 5.5 - Medium - December 10, 2020

Windows GDI+ Information Disclosure Vulnerability

CVE-2020-17098 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16964 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963.

CVE-2020-16964 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Update Orchestrator Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17073 7.8 - High - November 11, 2020

Windows Update Orchestrator Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17074, CVE-2020-17076.

CVE-2020-17073 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Desktop Protocol Server Information Disclosure Vulnerability

CVE-2020-16997 6.5 - Medium - November 11, 2020

Remote Desktop Protocol Server Information Disclosure Vulnerability

CVE-2020-16997 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17031 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17031 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17032 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17032 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Spoofing Vulnerability

CVE-2020-1599 5.5 - Medium - November 11, 2020

Windows Spoofing Vulnerability

CVE-2020-1599 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Win32k Information Disclosure Vulnerability

CVE-2020-17013 5.5 - Medium - November 11, 2020

Win32k Information Disclosure Vulnerability

CVE-2020-17013 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

DirectX Elevation of Privilege Vulnerability

CVE-2020-16998 7.8 - High - November 11, 2020

DirectX Elevation of Privilege Vulnerability

CVE-2020-16998 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2020-17088 7.8 - High - November 11, 2020

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2020-17088 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17043 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17043 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17055 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044.

CVE-2020-17055 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17033 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17033 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Update Orchestrator Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17076 7.8 - High - November 11, 2020

Windows Update Orchestrator Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17073, CVE-2020-17074.

CVE-2020-17076 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Desktop Protocol Client Information Disclosure Vulnerability

CVE-2020-17000 5.5 - Medium - November 11, 2020

Remote Desktop Protocol Client Information Disclosure Vulnerability

CVE-2020-17000 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Network File System Remote Code Execution Vulnerability

CVE-2020-17051 9.8 - Critical - November 11, 2020

Windows Network File System Remote Code Execution Vulnerability

CVE-2020-17051 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2020-17042 8.8 - High - November 11, 2020

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2020-17042 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability

CVE-2020-17024 7.8 - High - November 11, 2020

Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability

CVE-2020-17024 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Update Orchestrator Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17074 7.8 - High - November 11, 2020

Windows Update Orchestrator Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17073, CVE-2020-17076.

CVE-2020-17074 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Print Configuration Elevation of Privilege Vulnerability

CVE-2020-17041 7.8 - High - November 11, 2020

Windows Print Configuration Elevation of Privilege Vulnerability

CVE-2020-17041 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Network File System Information Disclosure Vulnerability

CVE-2020-17056 5.5 - Medium - November 11, 2020

Windows Network File System Information Disclosure Vulnerability

CVE-2020-17056 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.