CVE-2020-1464
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD (Secondary)
Description
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.
In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded.
The update addresses the vulnerability by correcting how Windows validates file signatures.
Affected (20)
Products: Microsoft: Windows 10 1507, Windows 10 1607, Windows 10 1709, Windows 10 1803, Windows 10 1809, Windows 10 1903, Windows 10 1909, Windows 10 2004, Windows 7, Windows 8.1, Windows Rt 8.1, Windows Server 1903, Windows Server 1909, Windows Server 2004, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
References (9)
Source: secure@microsoft.com
Third Party Advisory
Source: secure@microsoft.com
Issue TrackingThird Party Advisory
Source: secure@microsoft.com
ExploitThird Party Advisory
Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource
Timeline
No history available yet.