CVE-2020-1066

Published: May 21, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'.

Vendor	Product	Versions
Microsoft	Microsoft .NET Framework 3.0	affected `Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2` affected `Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2`
Microsoft	Microsoft .NET Framework 3.5.1	affected `Windows 7 for 32-bit Systems Service Pack 1` affected `Windows 7 for x64-based Systems Service Pack 1` affected `Windows Server 2008 R2 for x64-based Systems Service Pack 1` affected `Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1066

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-1066

Description

Affected Products

References