Win32k Information Disclosure Vulnerability

Win32k Information Disclosure Vulnerability

CVE-2020-0941 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

<p>An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how win32k handles objects in memory.</p>

Learn more about our User Device Pen Test.