CVE-2020-1362

HIGH

Windows WalletService - Privilege Escalation

Title source: llm

Description

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1344, CVE-2020-1369.

Exploits (2)

nomisec WORKING POC

by asdyxcyxc · poc

https://github.com/asdyxcyxc/CVE-2020-1362

View Code ZIP pw:eip

inthewild

poc

https://github.com/q4n/cve-2020-1362

View on inthewild

References (1)

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1362

Scores

CVSS v3 7.8

EPSS 0.1326

EPSS Percentile 94.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (13)

microsoft/windows_10

microsoft/windows_10 1607

microsoft/windows_10 1709

microsoft/windows_10 1803

microsoft/windows_10 1809

microsoft/windows_10 1903

microsoft/windows_10 1909

microsoft/windows_10 2004

microsoft/windows_server_2016

microsoft/windows_server_2016 1903

... and 3 more

Published Jul 14, 2020

Tracked Since Feb 18, 2026