CVE-2020-1034

MEDIUM

Windows Kernel - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.

Exploits (2)

nomisec WORKING POC 126 stars

by yardenshafir · poc

https://github.com/yardenshafir/CVE-2020-1034

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by GeorgiiFirsov · poc

https://github.com/GeorgiiFirsov/CVE-2020-1034

View Code ZIP pw:eip

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1034

Scores

CVSS v3 6.8

EPSS 0.1702

EPSS Percentile 95.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Details

Status published

Products (17)

microsoft/windows_10

microsoft/windows_10 1607

microsoft/windows_10 1709

microsoft/windows_10 1803

microsoft/windows_10 1809

microsoft/windows_10 1903

microsoft/windows_10 1909

microsoft/windows_10 2004

microsoft/windows_8.1

microsoft/windows_rt_8.1

... and 7 more

Published Sep 11, 2020

Tracked Since Feb 18, 2026