CVE-2020-1592 - Vulnerability Details

Vendors	Products
Microsoft	Windows 10 Windows 10 1803 Windows 10 1809 Windows 10 1909 Windows Server 1903 Windows Server 1909 Windows Server 2004 Windows Server 2016 Windows Server 2019

Link	Providers
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592

Show plain JSON

{"containers": {"cna": {"title": "Windows Kernel Information Disclosure Vulnerability", "datePublic": "2020-09-08T07:00:00+00:00", "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1803", "cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1909", "cpes": ["cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server, version 1909 (Server Core installation)", "cpes": ["cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for 32-bit Systems", "cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for x64-based Systems", "cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for ARM64-based Systems", "cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server, version 1903 (Server Core installation)", "cpes": ["cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 2004", "cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server version 2004", "cpes": ["cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "<p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p>\n<p>To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user\u2019s system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.</p>\n", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure", "lang": "en-US", "type": "Impact"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2023-12-31T21:34:14.606Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 4.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"}}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:39:10.700Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2020-1592", "datePublished": "2020-09-11T17:09:25", "dateReserved": "2019-11-04T00:00:00", "dateUpdated": "2024-08-04T06:39:10.700Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

title : Windows Kernel Information Disclosure Vulnerability (string)

datePublic : 2020-09-08T07:00:00+00:00 (string)

affected : [ »

0 : { »

vendor : Microsoft (string)

product : Windows 10 Version 1803 (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* (string)

1 : cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:* (string)

2 : cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:* (string)

]

platforms : [ »

0 : 32-bit Systems (string)

1 : x64-based Systems (string)

2 : ARM64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

1 : { »

vendor : Microsoft (string)

product : Windows 10 Version 1809 (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* (string)

1 : cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* (string)

2 : cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:* (string)

]

platforms : [ »

0 : 32-bit Systems (string)

1 : x64-based Systems (string)

2 : ARM64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

2 : { »

vendor : Microsoft (string)

product : Windows Server 2019 (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : x64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

3 : { »

vendor : Microsoft (string)

product : Windows Server 2019 (Server Core installation) (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : x64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

4 : { »

vendor : Microsoft (string)

product : Windows 10 Version 1909 (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:* (string)

1 : cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:* (string)

2 : cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* (string)

]

platforms : [ »

0 : 32-bit Systems (string)

1 : x64-based Systems (string)

2 : ARM64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

5 : { »

vendor : Microsoft (string)

product : Windows Server, version 1909 (Server Core installation) (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : x64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

6 : { »

vendor : Microsoft (string)

product : Windows 10 Version 1903 for 32-bit Systems (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : Unknown (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

7 : { »

vendor : Microsoft (string)

product : Windows 10 Version 1903 for x64-based Systems (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : Unknown (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

8 : { »

vendor : Microsoft (string)

product : Windows 10 Version 1903 for ARM64-based Systems (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : Unknown (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

9 : { »

vendor : Microsoft (string)

product : Windows Server, version 1903 (Server Core installation) (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : x64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

10 : { »

vendor : Microsoft (string)

product : Windows 10 Version 2004 (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* (string)

]

platforms : [ »

0 : 32-bit Systems (string)

1 : ARM64-based Systems (string)

2 : x64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

11 : { »

vendor : Microsoft (string)

product : Windows Server version 2004 (string)

cpes : [ »

0 : cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:* (string)

]

platforms : [ »

0 : x64-based Systems (string)

]

versions : [ »

0 : { »

version : 10.0.0 (string)

lessThan : publication (string)

versionType : custom (string)

status : affected (string)

}

]

}

]

descriptions : [ »

0 : { »

value : An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory. (string)

lang : en-US (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Information Disclosure (string)

lang : en-US (string)

type : Impact (string)

}

]

}

]

providerMetadata : { »

orgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

shortName : microsoft (string)

dateUpdated : 2023-12-31T21:34:14.606Z (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592 (string)

}

]

metrics : [ »

0 : { »

format : CVSS (string)

scenarios : [ »

0 : { »

lang : en-US (string)

value : GENERAL (string)

}

]

cvssV3_1 : { »

version : 3.1 (string)

baseSeverity : MEDIUM (string)

baseScore : 4.4 (number)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T06:39:10.700Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

assignerShortName : microsoft (string)

cveId : CVE-2020-1592 (string)

datePublished : 2020-09-11T17:09:25 (string)

dateReserved : 2019-11-04T00:00:00 (string)

dateUpdated : 2024-08-04T06:39:10.700Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "matchCriteriaId": "AAE74AF3-C559-4645-A6C0-25C3D647AAC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "matchCriteriaId": "5B921FDB-8E7D-427E-82BE-4432585080CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "matchCriteriaId": "C253A63F-03AB-41CB-A03A-B2674DEA98AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "matchCriteriaId": "0B60D940-80C7-49F0-8F4E-3F99AC15FA82", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "<p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p>\n<p>To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user\u2019s system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.</p>\n"}, {"lang": "es", "value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n cuando el kernel de Windows inicializa inapropiadamente objetos en memoria. Para explotar esta vulnerabilidad, un atacante autenticado podr\u00eda ejecutar una aplicaci\u00f3n especialmente dise\u00f1ada, tambi\u00e9n se conoce como \"Windows Kernel Information Disclosure Vulnerability\".&#xa0;Este ID de CVE es diferente de CVE-2020-0928, CVE-2020-1033, CVE-2020-1589, CVE-2020-16854"}], "id": "CVE-2020-1592", "lastModified": "2024-11-21T05:10:54.783", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "secure@microsoft.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2020-09-11T17:15:21.713", "references": [{"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-665"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CB85C75-4D35-480E-843D-60579EC75FCB (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:* (string)

matchCriteriaId : 6B8F3DD2-A145-4AF1-8545-CC42892DA3D1 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* (string)

matchCriteriaId : 3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:* (string)

matchCriteriaId : E9273B95-20ED-4547-B0A8-95AD15B30372 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:* (string)

matchCriteriaId : AAE74AF3-C559-4645-A6C0-25C3D647AAC8 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:* (string)

matchCriteriaId : 5B921FDB-8E7D-427E-82BE-4432585080CF (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:* (string)

matchCriteriaId : C253A63F-03AB-41CB-A03A-B2674DEA98AA (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B60D940-80C7-49F0-8F4E-3F99AC15FA82 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* (string)

matchCriteriaId : DB79EE26-FC32-417D-A49C-A1A63165A968 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory. (string)

}

1 : { »

lang : es (string)

value : Se presenta una vulnerabilidad de divulgación de información cuando el kernel de Windows inicializa inapropiadamente objetos en memoria. Para explotar esta vulnerabilidad, un atacante autenticado podría ejecutar una aplicación especialmente diseñada, también se conoce como "Windows Kernel Information Disclosure Vulnerability". Este ID de CVE es diferente de CVE-2020-0928, CVE-2020-1033, CVE-2020-1589, CVE-2020-16854 (string)

}

]

id : CVE-2020-1592 (string)

lastModified : 2024-11-21T05:10:54.783 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 2.1 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 4.4 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 2.5 (number)

source : secure@microsoft.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 3.3 (number)

baseSeverity : LOW (string)

confidentialityImpact : LOW (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 1.4 (number)

source : nvd@nist.gov (string)

type : Secondary (string)

}

]

}

published : 2020-09-11T17:15:21.713 (string)

references : [ »

0 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1592 (string)

}

]

sourceIdentifier : secure@microsoft.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-665 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object