Windows Server 2019 Microsoft Windows Server 2019

stack.watch can email you when security vulnerabilities are reported in Microsoft Windows Server 2019. You can add multiple products that you use with Windows Server 2019 to create your own personal software stack watcher.

By the Year

In 2021 there have been 53 vulnerabilities in Microsoft Windows Server 2019 with an average score of 7.6 out of ten. Last year Windows Server 2019 had 743 security vulnerabilities published. Right now, Windows Server 2019 is on track to have less security vulnerabilities in 2021 than it did last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.15.

Year Vulnerabilities Average Score
2021 53 7.60
2020 743 7.45
2019 433 7.36
2018 54 6.90

It may take a day or so for new Windows Server 2019 vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Microsoft Windows Server 2019 Security Vulnerabilities

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1642 7.8 - High - January 12, 2021

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1685.

CVE-2021-1642 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows LUAFV Elevation of Privilege Vulnerability

CVE-2021-1706 8.8 - High - January 12, 2021

Windows LUAFV Elevation of Privilege Vulnerability

CVE-2021-1706 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1651 7.8 - High - January 12, 2021

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1680.

CVE-2021-1651 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1685 7.8 - High - January 12, 2021

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1642.

CVE-2021-1685 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1688 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693.

CVE-2021-1688 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1683 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.

CVE-2021-1683 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CryptoAPI Denial of Service Vulnerability

CVE-2021-1679 6.5 - Medium - January 12, 2021

Windows CryptoAPI Denial of Service Vulnerability

CVE-2021-1679 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows WLAN Service Elevation of Privilege Vulnerability

CVE-2021-1646 7.8 - High - January 12, 2021

Windows WLAN Service Elevation of Privilege Vulnerability

CVE-2021-1646 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Graphics Component Information Disclosure Vulnerability

CVE-2021-1696 5.5 - Medium - January 12, 2021

Windows Graphics Component Information Disclosure Vulnerability

CVE-2021-1696 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability

CVE-2021-1674 8.8 - High - January 12, 2021

Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability

CVE-2021-1674 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-1710 7.8 - High - January 12, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-1710 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1680 7.8 - High - January 12, 2021

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1651.

CVE-2021-1680 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-1662 7.8 - High - January 12, 2021

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-1662 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Active Template Library Elevation of Privilege Vulnerability

CVE-2021-1649 7.8 - High - January 12, 2021

Active Template Library Elevation of Privilege Vulnerability

CVE-2021-1649 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

CVE-2021-1676 5.5 - Medium - January 12, 2021

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

CVE-2021-1676 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1693 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688.

CVE-2021-1693 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-1682 7.8 - High - January 12, 2021

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-1682 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1660 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1660 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1664 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1664 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1652 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1652 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1654 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1654 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1668 7.8 - High - January 12, 2021

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1668 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1661 7.8 - High - January 12, 2021

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-1661 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

GDI+ Remote Code Execution Vulnerability

CVE-2021-1665 7.8 - High - January 12, 2021

GDI+ Remote Code Execution Vulnerability

CVE-2021-1665 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

TPM Device Driver Information Disclosure Vulnerability

CVE-2021-1656 5.5 - Medium - January 12, 2021

TPM Device Driver Information Disclosure Vulnerability

CVE-2021-1656 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1700 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701.

CVE-2021-1700 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Fax Compose Form Remote Code Execution Vulnerability

CVE-2021-1657 7.8 - High - January 12, 2021

Windows Fax Compose Form Remote Code Execution Vulnerability

CVE-2021-1657 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

NTLM Security Feature Bypass Vulnerability

CVE-2021-1678 7.5 - High - January 12, 2021

NTLM Security Feature Bypass Vulnerability

CVE-2021-1678 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1653 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1653 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Update Stack Elevation of Privilege Vulnerability

CVE-2021-1694 9.8 - Critical - January 12, 2021

Windows Update Stack Elevation of Privilege Vulnerability

CVE-2021-1694 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Improper Privilege Management

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique

CVE-2021-1672 5.5 - Medium - January 12, 2021

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1663, CVE-2021-1670.

CVE-2021-1672 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1673 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1673 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

CVE-2021-1702 7.8 - High - January 12, 2021

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

CVE-2021-1702 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1684 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.

CVE-2021-1684 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1666 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1666 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Docker Information Disclosure Vulnerability

CVE-2021-1645 5.5 - Medium - January 12, 2021

Windows Docker Information Disclosure Vulnerability

CVE-2021-1645 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Desktop Security Feature Bypass Vulnerability

CVE-2021-1669 8.8 - High - January 12, 2021

Windows Remote Desktop Security Feature Bypass Vulnerability

CVE-2021-1669 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

AuthZ

Windows Win32k Elevation of Privilege Vulnerability

CVE-2021-1709 7.8 - High - January 12, 2021

Windows Win32k Elevation of Privilege Vulnerability

CVE-2021-1709 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1701 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700.

CVE-2021-1701 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique

CVE-2021-1638 5.5 - Medium - January 12, 2021

Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE-2021-1684.

CVE-2021-1638 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

AuthZ

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1667 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1667 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

CVE-2021-1650 7.8 - High - January 12, 2021

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

CVE-2021-1650 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Multipoint Management Elevation of Privilege Vulnerability

CVE-2021-1689 7.8 - High - January 12, 2021

Windows Multipoint Management Elevation of Privilege Vulnerability

CVE-2021-1689 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2021-1704 7.8 - High - January 12, 2021

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2021-1704 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows (modem.sys) Information Disclosure Vulnerability

CVE-2021-1699 5.5 - Medium - January 12, 2021

Windows (modem.sys) Information Disclosure Vulnerability

CVE-2021-1699 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1658 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1658 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1659 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1659 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-1671 8.8 - High - January 12, 2021

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.

CVE-2021-1671 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-1695 7.8 - High - January 12, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-1695 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-1655 7.8 - High - January 12, 2021

Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

CVE-2021-1655 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows GDI+ Information Disclosure Vulnerability

CVE-2021-1708 5.7 - Medium - January 12, 2021

Windows GDI+ Information Disclosure Vulnerability

CVE-2021-1708 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows InstallService Elevation of Privilege Vulnerability

CVE-2021-1697 7.8 - High - January 12, 2021

Windows InstallService Elevation of Privilege Vulnerability

CVE-2021-1697 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Microsoft splwow64 Elevation of Privilege Vulnerability

CVE-2021-1648 7.8 - High - January 12, 2021

Microsoft splwow64 Elevation of Privilege Vulnerability

CVE-2021-1648 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17136 7.8 - High - December 10, 2020

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17103, CVE-2020-17134.

CVE-2020-17136 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16959 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16959 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16958 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16958 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Kerberos Security Feature Bypass Vulnerability

CVE-2020-16996 6.5 - Medium - December 10, 2020

Kerberos Security Feature Bypass Vulnerability

CVE-2020-16996 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16960 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16960 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2020-17097 7.8 - High - December 10, 2020

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2020-17097 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Hyper-V Remote Code Execution Vulnerability

CVE-2020-17095 9.9 - Critical - December 10, 2020

Hyper-V Remote Code Execution Vulnerability

CVE-2020-17095 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 3.1 out of four. The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17134 7.8 - High - December 10, 2020

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17103, CVE-2020-17136.

CVE-2020-17134 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16961 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16961 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16963 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16964.

CVE-2020-16963 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16964 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963.

CVE-2020-16964 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Lock Screen Security Feature Bypass Vulnerability

CVE-2020-17099 6.8 - Medium - December 10, 2020

Windows Lock Screen Security Feature Bypass Vulnerability

CVE-2020-17099 can be explotited with physical access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.9 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17103 7.8 - High - December 10, 2020

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17134, CVE-2020-17136.

CVE-2020-17103 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows GDI+ Information Disclosure Vulnerability

CVE-2020-17098 5.5 - Medium - December 10, 2020

Windows GDI+ Information Disclosure Vulnerability

CVE-2020-17098 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-16962 7.8 - High - December 10, 2020

Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16963, CVE-2020-16964.

CVE-2020-16962 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows SMB Information Disclosure Vulnerability

CVE-2020-17140 6.5 - Medium - December 10, 2020

Windows SMB Information Disclosure Vulnerability

CVE-2020-17140 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique

CVE-2020-17094 5.5 - Medium - December 10, 2020

Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17138.

CVE-2020-17094 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows NTFS Remote Code Execution Vulnerability

CVE-2020-17096 8.8 - High - December 10, 2020

Windows NTFS Remote Code Execution Vulnerability

CVE-2020-17096 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Network Connections Service Elevation of Privilege Vulnerability

CVE-2020-17092 7.8 - High - December 10, 2020

Windows Network Connections Service Elevation of Privilege Vulnerability

CVE-2020-17092 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Overlay Filter Security Feature Bypass Vulnerability

CVE-2020-17139 7.8 - High - December 10, 2020

Windows Overlay Filter Security Feature Bypass Vulnerability

CVE-2020-17139 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Hyper-V Security Feature Bypass Vulnerability

CVE-2020-17040 9.8 - Critical - November 11, 2020

Windows Hyper-V Security Feature Bypass Vulnerability

CVE-2020-17040 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

authentification

Remote Desktop Protocol Server Information Disclosure Vulnerability

CVE-2020-16997 6.5 - Medium - November 11, 2020

Remote Desktop Protocol Server Information Disclosure Vulnerability

CVE-2020-16997 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Error Reporting Elevation of Privilege Vulnerability

CVE-2020-17007 7.8 - High - November 11, 2020

Windows Error Reporting Elevation of Privilege Vulnerability

CVE-2020-17007 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Update Medic Service Elevation of Privilege Vulnerability

CVE-2020-17070 7.8 - High - November 11, 2020

Windows Update Medic Service Elevation of Privilege Vulnerability

CVE-2020-17070 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Kernel Elevation of Privilege Vulnerability

CVE-2020-17035 7.8 - High - November 11, 2020

Windows Kernel Elevation of Privilege Vulnerability

CVE-2020-17035 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17028 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17028 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows NDIS Information Disclosure Vulnerability

CVE-2020-17069 5.5 - Medium - November 11, 2020

Windows NDIS Information Disclosure Vulnerability

CVE-2020-17069 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17014 7.1 - High - November 11, 2020

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.

CVE-2020-17014 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and availability.

Improper Privilege Management

Windows GDI+ Remote Code Execution Vulnerability

CVE-2020-17068 7.8 - High - November 11, 2020

Windows GDI+ Remote Code Execution Vulnerability

CVE-2020-17068 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Spoofing Vulnerability

CVE-2020-1599 5.5 - Medium - November 11, 2020

Windows Spoofing Vulnerability

CVE-2020-1599 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Windows Graphics Component Information Disclosure Vulnerability

CVE-2020-17004 5.5 - Medium - November 11, 2020

Windows Graphics Component Information Disclosure Vulnerability

CVE-2020-17004 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17031 7.8 - High - November 11, 2020

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.

CVE-2020-17031 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Network File System Remote Code Execution Vulnerability

CVE-2020-17051 9.8 - Critical - November 11, 2020

Windows Network File System Remote Code Execution Vulnerability

CVE-2020-17051 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Microsoft Defender for Endpoint Security Feature Bypass Vulnerability

CVE-2020-17090 9.8 - Critical - November 11, 2020

Microsoft Defender for Endpoint Security Feature Bypass Vulnerability

CVE-2020-17090 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Windows Delivery Optimization Information Disclosure Vulnerability

CVE-2020-17071 5.5 - Medium - November 11, 2020

Windows Delivery Optimization Information Disclosure Vulnerability

CVE-2020-17071 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Canonical Display Driver Information Disclosure Vulnerability

CVE-2020-17029 5.5 - Medium - November 11, 2020

Windows Canonical Display Driver Information Disclosure Vulnerability

CVE-2020-17029 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows MSCTF Server Information Disclosure Vulnerability

CVE-2020-17030 5.5 - Medium - November 11, 2020

Windows MSCTF Server Information Disclosure Vulnerability

CVE-2020-17030 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows Function Discovery SSDP Provider Information Disclosure Vulnerability

CVE-2020-17036 5.5 - Medium - November 11, 2020

Windows Function Discovery SSDP Provider Information Disclosure Vulnerability

CVE-2020-17036 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows Print Configuration Elevation of Privilege Vulnerability

CVE-2020-17041 7.8 - High - November 11, 2020

Windows Print Configuration Elevation of Privilege Vulnerability

CVE-2020-17041 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Error Reporting Denial of Service Vulnerability

CVE-2020-17046 5.5 - Medium - November 11, 2020

Windows Error Reporting Denial of Service Vulnerability

CVE-2020-17046 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Windows KernelStream Information Disclosure Vulnerability

CVE-2020-17045 5.5 - Medium - November 11, 2020

Windows KernelStream Information Disclosure Vulnerability

CVE-2020-17045 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Windows USO Core Worker Elevation of Privilege Vulnerability

CVE-2020-17075 7.8 - High - November 11, 2020

Windows USO Core Worker Elevation of Privilege Vulnerability

CVE-2020-17075 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Kerberos Security Feature Bypass Vulnerability

CVE-2020-17049 7.2 - High - November 11, 2020

Kerberos Security Feature Bypass Vulnerability

CVE-2020-17049 can be explotited with network access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Win32k Information Disclosure Vulnerability

CVE-2020-17013 5.5 - Medium - November 11, 2020

Win32k Information Disclosure Vulnerability

CVE-2020-17013 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Network File System Denial of Service Vulnerability

CVE-2020-17047 7.5 - High - November 11, 2020

Windows Network File System Denial of Service Vulnerability

CVE-2020-17047 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Win32k Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2020-17038 7.8 - High - November 11, 2020

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010.

CVE-2020-17038 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Windows Port Class Library Elevation of Privilege Vulnerability

CVE-2020-17011 7.8 - High - November 11, 2020

Windows Port Class Library Elevation of Privilege Vulnerability

CVE-2020-17011 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management