CVE-2020-0624

HIGH EXPLOITED RANSOMWARE

Windows - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0642.

Exploits (1)

nomisec WORKING POC 71 stars

by james0x40 · poc

https://github.com/james0x40/CVE-2020-0624

View Code ZIP pw:eip

References (1)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0624

Scores

CVSS v3 7.8

EPSS 0.1454

EPSS Percentile 94.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2020-01-22

Ransomware Use Confirmed

Status published

Products (4)

microsoft/windows_10 1903

microsoft/windows_10 1909

microsoft/windows_server_2016 1903

microsoft/windows_server_2016 1909

Published Jan 14, 2020

Tracked Since Feb 18, 2026