CVE-2020-1464
HIGH KEV
Windows - Spoofing via Improper File Signature Validation
Title source: llm
Exploitation Summary
CVE-2020-1464 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021.
Description
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded. The update addresses the vulnerability by correcting how Windows validates file signatures.
References (5)
Core References
Exploit, Third Party Advisory x_refsource_misc
https://medium.com/%40TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd
Issue Tracking, Third Party Advisory x_refsource_misc
https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464
Third Party Advisory x_refsource_misc
https://blog.virustotal.com/2019/01/distribution-of-malicious-jar-appended.html
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1464
Scores
CVSS v3
7.8
EPSS
0.0786
EPSS Percentile
92.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2021-11-03
VulnCheck KEV
2020-08-11
InTheWild.io
2020-08-11
ENISA EUVD
EUVD-2020-12339
CWE
CWE-347
Status
published
Products (20)
microsoft/windows_10_1507
microsoft/windows_10_1607
microsoft/windows_10_1709
microsoft/windows_10_1803
microsoft/windows_10_1809
microsoft/windows_10_1903
microsoft/windows_10_1909
microsoft/windows_10_2004
microsoft/windows_7
microsoft/windows_8.1
... and 10 more
Published
Aug 17, 2020
KEV Added
Nov 03, 2021
Tracked Since
Feb 18, 2026