CVE-2020-1054 - Microsoft Win32k Privilege Escalation Vulnerability
Project:Microsoft
Product:Win32k
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Microsoft Win32k Privilege Escalation Vulnerability
Description
Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-1054