Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
Azure DevOps CVE-2020-17145 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
Azure DevOps CVE-2020-17135 Azure DevOps Server Spoofing Vulnerability
Azure SDK CVE-2020-17002 Azure SDK for C Security Feature Bypass Vulnerability
Azure SDK CVE-2020-16971 Azure SDK for Java Security Feature Bypass Vulnerability
Azure Sphere CVE-2020-17160 Azure Sphere Security Feature Bypass Vulnerability
Microsoft Dynamics CVE-2020-17147 Dynamics CRM Webclient Cross-site Scripting Vulnerability
Microsoft Dynamics CVE-2020-17133 Microsoft Dynamics Business Central/NAV Information Disclosure
Microsoft Dynamics CVE-2020-17158 Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
Microsoft Dynamics CVE-2020-17152 Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
Microsoft Edge CVE-2020-17153 Microsoft Edge for Android Spoofing Vulnerability
Microsoft Edge CVE-2020-17131 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2020-17143 Microsoft Exchange Information Disclosure Vulnerability
Microsoft Exchange Server CVE-2020-17144 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2020-17141 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2020-17117 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2020-17132 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2020-17142 Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2020-17137 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-17098 Windows GDI+ Information Disclosure Vulnerability
Microsoft Office CVE-2020-17130 Microsoft Excel Security Feature Bypass Vulnerability
Microsoft Office CVE-2020-17128 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17129 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17124 Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17123 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17119 Microsoft Outlook Information Disclosure Vulnerability
Microsoft Office CVE-2020-17125 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17127 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17126 Microsoft Excel Information Disclosure Vulnerability
Microsoft Office CVE-2020-17122 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-17115 Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePoint CVE-2020-17120 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-17121 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-17118 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-17089 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17136 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-16996 Kerberos Security Feature Bypass Vulnerability
Microsoft Windows CVE-2020-17138 Windows Error Reporting Information Disclosure Vulnerability
Microsoft Windows CVE-2020-17092 Windows Network Connections Service Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17139 Windows Overlay Filter Security Feature Bypass Vulnerability
Microsoft Windows CVE-2020-17103 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17134 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft Windows DNS ADV200013 Microsoft Guidance for Addressing Spoofing Vulnerability in DNS Resolver
Visual Studio CVE-2020-17148 Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
Visual Studio CVE-2020-17159 Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
Visual Studio CVE-2020-17156 Visual Studio Remote Code Execution Vulnerability
Visual Studio CVE-2020-17150 Visual Studio Code Remote Code Execution Vulnerability
Windows Backup Engine CVE-2020-16960 Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine CVE-2020-16958 Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine CVE-2020-16959 Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine CVE-2020-16961 Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine CVE-2020-16964 Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine CVE-2020-16963 Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine CVE-2020-16962 Windows Backup Engine Elevation of Privilege Vulnerability
Windows Error Reporting CVE-2020-17094 Windows Error Reporting Information Disclosure Vulnerability
Windows Hyper-V CVE-2020-17095 Hyper-V Remote Code Execution Vulnerability
Windows Lock Screen CVE-2020-17099 Windows Lock Screen Security Feature Bypass Vulnerability
Windows Media CVE-2020-17097 Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows SMB CVE-2020-17096 Windows NTFS Remote Code Execution Vulnerability
Windows SMB CVE-2020-17140 Windows SMB Information Disclosure Vulnerability

CVE-2020-17089 - Microsoft SharePoint Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17089
MITRE
NVD
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.1/6.4
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17089
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4486753 (Security Update) Important Elevation of Privilege 4486717 Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4493149 (Security Update) Important Elevation of Privilege 4486744 Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493138 (Security Update) Important Elevation of Privilege 4486733 Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4486751 (Security Update) Important Elevation of Privilege 4486714 Base: 7.1
Temporal: 6.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17089 Steven Seeley (mr_me) and Yuhao Weng (@cjm00nw)


CVE-2020-17092 - Windows Network Connections Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17092
MITRE
NVD
CVE Title: Windows Network Connections Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17092
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4592464 (Security Update) Important Elevation of Privilege 4586787 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4592464 (Security Update) Important Elevation of Privilege 4586787 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 4592484 (Monthly Rollup) Important Elevation of Privilege 4586845
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Elevation of Privilege 4586834
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Elevation of Privilege 4586834
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17092 Xuefeng Li (@lxf02942370) of Sangfor & Zhiniang Peng (@edwardzpeng)


CVE-2020-17094 - Windows Error Reporting Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17094
MITRE
NVD
CVE Title: Windows Error Reporting Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17094
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Information Disclosure 4586785 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Information Disclosure 4586785 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Information Disclosure 4586785 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17094 Tao Yan (@Ga1ois) and Bo Qu from Palo Alto Networks


CVE-2020-17095 - Hyper-V Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17095
MITRE
NVD
CVE Title: Hyper-V Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.5/7.4
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code when it fails to properly validate vSMB packet data.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17095
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for x64-based Systems 4593226 (Security Update) Critical Remote Code Execution 4586830
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Critical Remote Code Execution 4586785 Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Critical Remote Code Execution 4586793
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Critical Remote Code Execution 4586786
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Critical Remote Code Execution 4586786
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Critical Remote Code Execution 4586781
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Critical Remote Code Execution 4586781
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 4593226 (Security Update) Critical Remote Code Execution 4586830
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4593226 (Security Update) Critical Remote Code Execution 4586830
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Critical Remote Code Execution 4586793
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Critical Remote Code Execution 4586793
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Critical Remote Code Execution 4586786
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Critical Remote Code Execution 4586786
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Critical Remote Code Execution 4586781
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Critical Remote Code Execution 4586781
Base: 8.5
Temporal: 7.4
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17095 Peter Hlavaty (@rezer0dai)


CVE-2020-17096 - Windows NTFS Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17096
MITRE
NVD
CVE Title: Windows NTFS Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How would an attacker exploit this vulnerability?

A local attacker could run a specially crafted application that would elevate the attacker's privileges.

A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17096
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4592464 (Security Update) Important Remote Code Execution 4586787 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4592464 (Security Update) Important Remote Code Execution 4586787 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4593226 (Security Update) Important Remote Code Execution 4586830
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4593226 (Security Update) Important Remote Code Execution 4586830
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Remote Code Execution 4586785 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Remote Code Execution 4586785 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Remote Code Execution 4586785 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Remote Code Execution 4586793
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Remote Code Execution 4586793
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Remote Code Execution 4586793
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Remote Code Execution 4586845
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Remote Code Execution 4586845
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 4592484 (Monthly Rollup) Important Remote Code Execution 4586845
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Remote Code Execution 4586834
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Remote Code Execution 4586834
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Remote Code Execution 4586845
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Remote Code Execution 4586845
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 4593226 (Security Update) Important Remote Code Execution 4586830
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4593226 (Security Update) Important Remote Code Execution 4586830
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Remote Code Execution 4586793
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Remote Code Execution 4586793
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Remote Code Execution 4586786
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Remote Code Execution 4586781
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17096 Peter Hlavaty (@rezer0dai)


CVE-2020-17097 - Windows Digital Media Receiver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17097
MITRE
NVD
CVE Title: Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 3.3/2.9
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17097
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4592464 (Security Update) Important Elevation of Privilege 4586787 Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4592464 (Security Update) Important Elevation of Privilege 4586787 Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows RT 8.1 4592484 (Monthly Rollup) Important Elevation of Privilege 4586845
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Elevation of Privilege 4586834
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Elevation of Privilege 4586834
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Elevation of Privilege 4586845
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4593226 (Security Update) Important Elevation of Privilege 4586830
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 3.3
Temporal: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17097 Xuefeng Li (@lxf02942370) of Sangfor & Zhiniang Peng (@edwardzpeng)


CVE-2020-17098 - Windows GDI+ Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17098
MITRE
NVD
CVE Title: Windows GDI+ Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17098
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4592464 (Security Update) Important Information Disclosure 4586787 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4592464 (Security Update) Important Information Disclosure 4586787 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Information Disclosure 4586785 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Information Disclosure 4586785 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Information Disclosure 4586785 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4592471 (Monthly Rollup)
4592503 (Security Only)
Important Information Disclosure 4586827
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4592471 (Monthly Rollup)
4592503 (Security Only)
Important Information Disclosure 4586827
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Information Disclosure 4586845
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Information Disclosure 4586845
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows RT 8.1 4592484 (Monthly Rollup) Important Information Disclosure 4586845
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4592498 (Monthly Rollup)
4592504 (Security Only)
Important Information Disclosure 4586807
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4592498 (Monthly Rollup)
4592504 (Security Only)
Important Information Disclosure 4586807
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4592498 (Monthly Rollup)
4592504 (Security Only)
Important Information Disclosure 4586807
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4592498 (Monthly Rollup)
4592504 (Security Only)
Important Information Disclosure 4586807
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4592471 (Monthly Rollup)
4592503 (Security Only)
Important Information Disclosure 4586827
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4592471 (Monthly Rollup)
4592503 (Security Only)
Important Information Disclosure 4586827
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Information Disclosure 4586834
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4592468 (Monthly Rollup)
4592497 (Security Only)
Important Information Disclosure 4586834
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Information Disclosure 4586845
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4592484 (Monthly Rollup)
4592495 (Security Only)
Important Information Disclosure 4586845
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Information Disclosure 4586793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Information Disclosure 4586786
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Information Disclosure 4586781
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17098 Jianyang Song of JDCloud Security Team


CVE-2020-17099 - Windows Lock Screen Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17099
MITRE
NVD
CVE Title: Windows Lock Screen Security Feature Bypass Vulnerability
CVSS:

CVSS:3.0 6.8/5.9
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How could an attacker exploit this vulnerability?

An authenticated user would need to lock their active session. An attacker with physical access could then perform actions that would allow them to execute code from the Windows lock screen in the context of the active user session.

NOTE: This can only be exploited if a user has already logged in and locked their session.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17099
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4592464 (Security Update) Important Security Feature Bypass 4586787 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4592464 (Security Update) Important Security Feature Bypass 4586787 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4593226 (Security Update) Important Security Feature Bypass 4586830
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4593226 (Security Update) Important Security Feature Bypass 4586830
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Security Feature Bypass 4586785 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Security Feature Bypass 4586785 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Security Feature Bypass 4586785 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 4593226 (Security Update) Important Security Feature Bypass 4586830
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4593226 (Security Update) Important Security Feature Bypass 4586830
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17099 Lockheed Martin Red Team


CVE-2020-17103 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17103
MITRE
NVD
CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17103
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17103 James Forshaw of Google Project Zero


CVE-2020-17117 - Microsoft Exchange Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17117
MITRE
NVD
CVE Title: Microsoft Exchange Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 6.6/5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17117
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 4593466 (Security Update) Critical Remote Code Execution 4588741
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 17 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 6.6
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17117 Steven Seeley (mr_me)


CVE-2020-17118 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17118
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.1/7.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17118
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4486753 (Security Update) Critical Remote Code Execution 4486717 Base: 8.1
Temporal: 7.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4493149 (Security Update) Critical Remote Code Execution 4486744 Base: 8.1
Temporal: 7.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493138 (Security Update) Critical Remote Code Execution 4486733 Base: 8.1
Temporal: 7.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4486751 (Security Update) Critical Remote Code Execution 4486714 Base: 8.1
Temporal: 7.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17118 Jonathan Birch of Microsoft Office Security Team


CVE-2020-17119 - Microsoft Outlook Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17119
MITRE
NVD
CVE Title: Microsoft Outlook Information Disclosure Vulnerability
CVSS:

CVSS:3.0 6.5/5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office 2019 for Mac currently available?

The security update for Microsoft Office 2019 for Mac is not immediately available. The update will be released as soon as possible, and when it is available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17119
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
No
Microsoft Office 2019 for Mac Important Information Disclosure None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown
Microsoft Outlook 2010 Service Pack 2 (32-bit editions) 4486742 (Security Update) Important Information Disclosure 4486663 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Outlook 2010 Service Pack 2 (64-bit editions) 4486742 (Security Update) Important Information Disclosure 4486663 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Outlook 2013 RT Service Pack 1 4486732 (Security Update) Important Information Disclosure 4484524 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Outlook 2013 Service Pack 1 (32-bit editions) 4486732 (Security Update) Important Information Disclosure 4484524 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 4486732 (Security Update) Important Information Disclosure 4484524 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Outlook 2016 (32-bit edition) 4486748 (Security Update) Important Information Disclosure 4486671 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Outlook 2016 (64-bit edition) 4486748 (Security Update) Important Information Disclosure 4486671 Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17119 working with Trend Micro Zero Day Initiative


CVE-2020-17132 - Microsoft Exchange Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17132
MITRE
NVD
CVE Title: Microsoft Exchange Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.4/7.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What can cause this vulnerability?

The vulnerability occurs due to improper validation of cmdlet arguments.

Does the attacker need to be in an authenticated role in the Exchange Server?

Yes, the attacker must be authenticated.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17132
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 4593466 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 17 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17132 Steven Seeley of Source Incite


X41 D-SEC GmbH, Markus Vervier, Yasar Klawohn


Dlive(https://twitter.com/D1iv3) of Tencent Security Xuanwu Lab


CVE-2020-17134 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17134
MITRE
NVD
CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17134
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17134 James Forshaw of Google Project Zero


CVE-2020-17135 - Azure DevOps Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17135
MITRE
NVD
CVE Title: Azure DevOps Server Spoofing Vulnerability
CVSS:

CVSS:3.0 6.4/5.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17135
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure DevOps Server 2019 Update 1.1 Release Notes (Security Update) Important Spoofing None Base: 6.4
Temporal: 5.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
Maybe
Azure DevOps Server 2019.0.1 Release Notes (Security Update) Important Spoofing None Base: 6.4
Temporal: 5.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17135 Pham Van Khanh (@rskvp93) of Viettel Cyber Security


CVE-2020-17136 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17136
MITRE
NVD
CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17136
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4592446 (Security Update) Important Elevation of Privilege 4586785 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Elevation of Privilege 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Elevation of Privilege 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17136 James Forshaw of Google Project Zero


CVE-2020-17137 - DirectX Graphics Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17137
MITRE
NVD
CVE Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17137
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Elevation of Privilege 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17137 k0shl


CVE-2020-17138 - Windows Error Reporting Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17138
MITRE
NVD
CVE Title: Windows Error Reporting Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17138
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4593226 (Security Update) Important Information Disclosure 4586830
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17138 Tao Yan (@Ga1ois) from Palo Alto Networks


CVE-2020-17139 - Windows Overlay Filter Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17139
MITRE
NVD
CVE Title: Windows Overlay Filter Security Feature Bypass Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17139
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for 32-bit Systems 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for ARM64-based Systems 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1903 for x64-based Systems 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4592440 (Security Update) Important Security Feature Bypass 4586793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1903 (Server Core installation) 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 4592449 (Security Update) Important Security Feature Bypass 4586786
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 4592438 (Security Update) Important Security Feature Bypass 4586781
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17139 James Forshaw of Google Project Zero


CVE-2020-17141 - Microsoft Exchange Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17141
MITRE
NVD
CVE Title: Microsoft Exchange Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.4/7.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What can cause this vulnerability?

The vulnerability occurs due to improper validation of cmdlet arguments.

Does the attacker need to be in an authenticated role in the Exchange Server?

Yes, the attacker must be authenticated.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17141
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2016 Cumulative Update 17 4593465 (Security Update) Important Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 4593465 (Security Update) Important Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 4593465 (Security Update) Important Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 4593465 (Security Update) Important Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17141 Steven Seeley (mr_me) of Source Incite


CVE-2020-17142 - Microsoft Exchange Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17142
MITRE
NVD
CVE Title: Microsoft Exchange Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.4/7.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What can cause this vulnerability?

The vulnerability occurs due to improper validation of cmdlet arguments.

Does the attacker need to be in an authenticated role in the Exchange Server?

Yes, the attacker must be authenticated.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17142
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 4593466 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 17 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 4593465 (Security Update) Critical Remote Code Execution 4588741
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17142 Pham Van Khanh @rskvp93 from Viettel Cyber Security


CVE-2020-17143 - Microsoft Exchange Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17143
MITRE
NVD
CVE Title: Microsoft Exchange Information Disclosure Vulnerability
CVSS:

CVSS:3.0 8.8/7.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17143
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 4593466 (Security Update) Important Information Disclosure 4588741
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 17 4593465 (Security Update) Important Information Disclosure 4588741
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 4593465 (Security Update) Important Information Disclosure 4588741
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 4593465 (Security Update) Important Information Disclosure 4588741
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 4593465 (Security Update) Important Information Disclosure 4588741
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17143 Steven Seeley (mr_me) of Source Incite


CVE-2020-17144 - Microsoft Exchange Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17144
MITRE
NVD
CVE Title: Microsoft Exchange Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.4/7.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What can cause this vulnerability?

The vulnerability occurs due to improper validation of cmdlet arguments.

Does the attacker need to be in an authenticated role in the Exchange Server?

Yes, the attacker must be authenticated.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17144
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31 4593467 (Security Update) Important Remote Code Execution 4536989
Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17144 zcgonvh from A-TEAM of Legendsec at Qi'anxin Group


CVE-2020-17147 - Dynamics CRM Webclient Cross-site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17147
MITRE
NVD
CVE Title: Dynamics CRM Webclient Cross-site Scripting Vulnerability
CVSS:

CVSS:3.0 8.7/7.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What privileges are required to exploit this vulnerability?

To exploit this vulnerability, an attacker would be required to have a System Customizer OR Administrator role.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17147
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8.2 4595462 (Security Update) Important Spoofing None Base: 8.7
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
Maybe
Microsoft Dynamics 365 (on-premises) version 9.0 4595459 (Security Update) Important Spoofing None Base: 8.7
Temporal: 7.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17147 Ashar Javed of Hyundai AutoEver Europe GmbH


CVE-2020-17148 - Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17148
MITRE
NVD
CVE Title: Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How could an attacker exploit this vulnerability?

An attacker would have to convince a user with the Visual Studio Code Remote Development Extension installed to click on a specially crafted link.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17148
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Visual Studio Code Remote - SSH Extension Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17148 Abdel Adim `smaury` Oisfi of Shielder


CVE-2020-17150 - Visual Studio Code Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17150
MITRE
NVD
CVE Title: Visual Studio Code Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17150
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Visual Studio Code TS-Lint Extension Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17150 David Dworken


CVE-2020-17152 - Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17152
MITRE
NVD
CVE Title: Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What privileges are required to exploit this vulnerability?

The user must be authenticated to be able to exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17152
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Dynamics 365 for Finance and Operations Release Notes (Security Update) Critical Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17152 Ha Anh Hoang of Viettel Cybersecurity


CVE-2020-17156 - Visual Studio Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17156
MITRE
NVD
CVE Title: Visual Studio Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would need to convince a targeted user to clone a malicious repository from inside Visual Studio. Attacker-specified code would execute during the clone operation.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17156
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.0 Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.8 Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17156 None

CVE-2020-17158 - Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17158
MITRE
NVD
CVE Title: Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What privileges are required to exploit this vulnerability?

The user must be authenticated to be able to exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2020-12-08T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17158
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Dynamics 365 for Finance and Operations Release Notes (Security Update) Critical Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17158 Ha Anh Hoang of Viettel Cybersecurity


CVE-2020-17159 - Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17159
MITRE
NVD
CVE Title: Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix