CVE-2020-0981: Windows Token Security Feature Bypass Vulnerability

Overview

Severity

Medium (CVSS 6.3)

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C

Category

Security Feature Bypass

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2020-Apr

Released

2020-04-14

EPSS Score

0.10% (percentile: 26.8%)

Description

A security feature bypass vulnerability exists when Windows fails to properly handle token relationships. An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape. The update addresses the vulnerability by correcting how Windows handles token relationships

Affected Products (8)

Windows

• Windows 10 Version 1909 for 32-bit Systems
• Windows 10 Version 1909 for x64-based Systems
• Windows 10 Version 1909 for ARM64-based Systems
• Windows Server, version 1909 (Server Core installation)
• Windows 10 Version 1903 for 32-bit Systems
• Windows 10 Version 1903 for x64-based Systems
• Windows 10 Version 1903 for ARM64-based Systems
• Windows Server, version 1903 (Server Core installation)

Security Updates (1)

• 4549951

Acknowledgments

James Forshaw of <a href="http://www.google.com/">Google Project Zero</a>

Revision History

• 2020-04-14: Information published.