CVE-2020-0642

HIGH EXPLOITED RANSOMWARE

Windows Win32k - Use-After-Free Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2020-0642 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.

Description

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.

References (2)

Core 2
Core References

Scores

CVSS v3 7.8
EPSS 0.0150
EPSS Percentile 71.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2020-01-22
Ransomware Use Confirmed
CWE
CWE-416
Status published
Products (19)
microsoft/windows_10
microsoft/windows_10 1607
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_10 1903
microsoft/windows_10 1909
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 9 more
Published Jan 14, 2020
Tracked Since Feb 18, 2026