CVE-2020-0634

HIGH

Windows Common Log File System Driver - Use-After-Free

Title source: llm
STIX 2.1

Description

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-125/

Scores

CVSS v3 7.8
EPSS 0.0123
EPSS Percentile 65.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (19)
microsoft/windows_10
microsoft/windows_10 1607
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_10 1903
microsoft/windows_10 1909
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 9 more
Published Jan 14, 2020
Tracked Since Feb 18, 2026