CVE-2020-0792

HIGH

Windows 10 and Windows Server 2016 - Elevation of Privilege via Graphics Component Memory Handling

Title source: llm
STIX 2.1

Description

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-259/

Scores

CVSS v3 8.8
EPSS 0.0130
EPSS Percentile 67.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (4)
microsoft/windows_10 1903
microsoft/windows_10 1909
microsoft/windows_server_2016 1903
microsoft/windows_server_2016 1909
Published Feb 11, 2020
Tracked Since Feb 18, 2026