CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-17139 – Windows Overlay Filter Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-17139
Windows Overlay Filter Security Feature Bypass Vulnerability Vulnerabilidad de la función de seguridad del filtro de superposición de Windows The Microsoft Windows WOF filter driver does not correctly handle the reparse point setting which allows for an arbitrary file to be cached signed leading to a bypass of UMCI. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17139 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2020-17103 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17103
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17134, CVE-2020-17136 The Microsoft Windows Cloud Filter HsmOsBlockPlaceholderAccess function allows a user to create arbitrary registry keys in the .DEFAULT users hive leading to elevation of privilege. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17103 •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2020-17134 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17134
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17103, CVE-2020-17136 The Microsoft Windows Cloud Filter access check does not take into account restrictions such as Mandatory Labels allowing a user to bypass security checks. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17134 •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 3CVE-2020-17136 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17136
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17103, CVE-2020-17134 The Microsoft Windows Cloud Filter driver can be abused to create arbitrary files and directories leading to elevation of privilege. • https://github.com/cssxn/CVE-2020-17136 https://github.com/xyddnljydd/CVE-2020-17136 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17136 https://bugs.chromium.org/p/project-zero/issues/detail?id=2082 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17136 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/local/cve_2020_17136.rb •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2020-17131 – Chakra Scripting Engine Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-17131
Chakra Scripting Engine Memory Corruption Vulnerability Vulnerabilidad de corrupción de memoria en el motor de scripting de Chakra This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JIT compiler. By performing actions in JavaScript, an attacker can trigger a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17131 • CWE-787: Out-of-bounds Write •