CVE-2020-1381
HIGHWindows 10 and Windows Server 2016 - Elevation of Privilege via Graphics Component Use-After-Free
Title source: llmDescription
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1382.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1381
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-872/
Scores
CVSS v3
7.8
EPSS
0.0096
EPSS Percentile
57.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (6)
microsoft/windows_10
1903
microsoft/windows_10
1909
microsoft/windows_10
2004
microsoft/windows_server_2016
1903
microsoft/windows_server_2016
1909
microsoft/windows_server_2016
2004
Published
Jul 14, 2020
Tracked Since
Feb 18, 2026