CVE-2020-0981

EUVD-2020-2447

15.04.2020, 15:15

A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 12%

Windows Releases

Platform

Version

Windows 10

1903 (arm64, x64, x86)	KB4549951
1909 (arm64, x64, x86)	KB4549951

Windows Server

1903 Server Core	KB4549951
1909 Server Core	KB4549951

Common Weakness Enumeration

CWE-863 - Incorrect Authorization
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References

http://packetstormsecurity.com/files/157248/Microsoft-Windows-NtFilterToken-ParentTokenId-Incorrect-Setting-Privilege-Escalation.html

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0981

http://packetstormsecurity.com/files/157248/Microsoft-Windows-NtFilterToken-ParentTokenId-Incorrect-Setting-Privilege-Escalation.html

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0981