Detections
Analytics

KB4578013: Windows 8.1 and Windows Server 2012 R2 August 2020 Additional Security Update

high Nessus Plugin ID 139701

Language:

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security update 4578013. It is, therefore, affected by multiple vulnerabilities :

 - An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.
 (CVE-2020-1530)

 - An elevation of privilege vulnerability exists when the Windows Remote Access improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.
 (CVE-2020-1537)

Solution

Apply Security Update KB4578013.

See Also

https://support.microsoft.com/en-us/help/4578013

Plugin Details

Severity: High

ID: 139701

File Name: smb_nt_ms20_aug_4578013_oob.nasl

Version: 1.6

Type: local

Agent: windows

Published: 8/20/2020

Updated: 12/6/2022

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2020-1537

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 8/19/2020

Vulnerability Publication Date: 8/19/2020

Reference Information

CVE: CVE-2020-1530, CVE-2020-1537

IAVA: 2020-A-0367-S

MSFT: MS20-4578013

MSKB: 4578013