Latest Improper Privilege Management Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2020-09-11 CVE-2020-16852 Improper Privilege Management vulnerability in Microsoft Onedrive
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
3.6
2020-09-11 CVE-2020-1245 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
7.2
2020-09-11 CVE-2020-1169 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.
6.8
2020-09-11 CVE-2020-1159 Improper Privilege Management vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations, aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
4.6
2020-09-11 CVE-2020-1152 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka 'Windows Win32k Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
4.6
2020-09-11 CVE-2020-1146 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
4.6
2020-09-11 CVE-2020-1133 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
4.6
2020-09-11 CVE-2020-1130 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
4.6
2020-09-11 CVE-2020-1115 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
4.6
2020-09-11 CVE-2020-1098 Improper Privilege Management vulnerability in Microsoft Windows 10 2004
An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory, aka 'Windows Shell Infrastructure Component Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
CWE-269
4.6