The remote Windows host is missing security update 4580353 or cumulative update 4580382. It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-16939)

  - An elevation of privilege vulnerability exists when the     Windows Application Compatibility Client Library     improperly handles registry operations. An attacker who     successfully exploited this vulnerability could gain     elevated privileges.  (CVE-2020-16920)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-16887)

  - An elevation of privilege vulnerability exists when the     Windows User Profile Service (ProfSvc) improperly     handles junction points. An attacker who successfully     exploited this vulnerability could delete files and     folders in an elevated context.  (CVE-2020-16940)

  - An elevation of privilege vulnerability exists in the     way that the Windows kernel image handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-16892)

  - A remote code execution vulnerability exists in the way     that Microsoft Graphics Components handle objects in     memory. An attacker who successfully exploited the     vulnerability could execute arbitrary code on a target     system.  (CVE-2020-16923)

  - An information disclosure vulnerability exists in the     way that the Windows Graphics Device Interface Plus     (GDI+) handles objects in memory, allowing an attacker     to retrieve information from a targeted system. By     itself, the information disclosure does not allow     arbitrary code execution; however, it could allow     arbitrary code to be run if the attacker uses it in     combination with another vulnerability.
    (CVE-2020-16914)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-16902)

  - An information disclosure vulnerability exists when the     .NET Framework improperly handles objects in memory. An     attacker who successfully exploited the vulnerability     could disclose contents of an affected system's memory.
    (CVE-2020-16937)

  - An information disclosure vulnerability exists when the     Windows KernelStream improperly handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-16889)

  - An elevation of privilege vulnerability exists when the     Windows iSCSI Target Service improperly handles file     operations. An attacker who successfully exploited this     vulnerability could gain elevated privileges.
    (CVE-2020-16980)

  - An elevation of privilege vulnerability exists when     Windows improperly handles COM object creation. An     attacker who successfully exploited the vulnerability     could run arbitrary code with elevated privileges.
    (CVE-2020-16916, CVE-2020-16935)

  - A spoofing vulnerability exists when Windows incorrectly     validates file signatures. An attacker who successfully     exploited this vulnerability could bypass security     features and load improperly signed files. In an attack     scenario, an attacker could bypass security features     intended to prevent improperly signed files from being     loaded. The update addresses the vulnerability by     correcting how Windows validates file signatures.
    (CVE-2020-16922)

  - An elevation of privilege vulnerability exists when the     Windows Event System improperly handles objects in     memory.  (CVE-2020-16900)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-16924)

  - A remote code execution vulnerability exists when     Windows Hyper-V on a host server fails to properly     validate input from an authenticated user on a guest     operating system.  (CVE-2020-16891)

  - A remote code execution vulnerability exists in the way     that the Windows Graphics Device Interface (GDI) handles     objects in the memory. An attacker who successfully     exploited this vulnerability could take control of the     affected system. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-16911)

  - An information disclosure vulnerability exists when     NetBIOS over TCP (NBT) Extensions (NetBT) improperly     handle objects in memory. An attacker who successfully     exploited this vulnerability could obtain information to     further compromise the users system.  (CVE-2020-16897)

Detections

Analytics

KB4580353: Windows Server 2012 October 2020 Security Update

high Nessus Plugin ID 141426

Version 1.9

Version 1.8

Version 1.8

Version 1.9 Feb 15, 2024, 5:03 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202402151703
Version 1.8 Dec 6, 2022, 4:40 AM Reference Plugin Feed: 202212060440
Version 1.8 Feb 15, 2024, 2:29 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202402151429