CVE-2020-1201

high

Description

An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerability'.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1201

Details

Source: MITRE

Published: 2020-06-09

Updated: 2021-07-21

Type: CWE-269

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH