CVE-2020-9361

CryptoPro CSP through 5.0.0.10004 on 64-bit platforms allows local users with the SeChangeNotifyPrivilege right to cause denial of service because user-mode input is mishandled during process creation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
cryptoprocsp
𝑥
≤ 5.0.0.10004
𝑥
= Vulnerable software versions
References
https://www.youtube.com/watch?v=b5vPDmMtzwQ
https://www.youtube.com/watch?v=b5vPDmMtzwQ