CVE-2020-1113

high

Description

A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1113

Details

Source: MITRE

Published: 2020-05-21

Updated: 2020-05-27

Type: CWE-295

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.6

Severity: HIGH