Vulnerability Description
<p>An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Windows State Repository Service handles objects in memory.</p>
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 | - |
| Microsoft | Windows Server 2016 | - |
| Microsoft | Windows Server 2019 | - |
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0914PatchVendor Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0914PatchVendor Advisory
FAQ
What is CVE-2020-0914?
CVE-2020-0914 is a vulnerability with a CVSS score of 5.5 (MEDIUM). <p>An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain...
How severe is CVE-2020-0914?
CVE-2020-0914 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-0914?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019.