CVE-2020-1355

A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Windows Font Driver Host handles memory., aka 'Windows Font Driver Host Remote Code Execution Vulnerability'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Common Weakness Enumeration
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1355
https://www.zerodayinitiative.com/advisories/ZDI-20-875/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1355
https://www.zerodayinitiative.com/advisories/ZDI-20-875/