Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-0748

EPSS 0.53% · P67
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-0748

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0755, CVE-2020-0756.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows Key Isolation Service 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司的一套个人设备使用的操作系统。 Microsoft Windows Key Isolation Service中存在缓冲区错误漏洞,该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。以下产品及版本受到影响:Windows 7,Windows 8.1,Windows RT 8.1,Windows 10,Windows Server 2
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
MicrosoftWindows 10 Version 1803 for 32-bit Systems -
MicrosoftWindows Server version 1803 (Core Installation) -
MicrosoftWindows 10 Version 1903 for 32-bit Systems unspecified -
MicrosoftWindows 10 Version 1903 for x64-based Systems unspecified -
MicrosoftWindows 10 Version 1903 for ARM64-based Systems unspecified -
MicrosoftWindows Server, version 1903 (Server Core installation) unspecified -
MicrosoftWindows 10 Version 1909 for 32-bit Systems unspecified -
MicrosoftWindows 10 Version 1909 for x64-based Systems unspecified -
MicrosoftWindows 10 Version 1909 for ARM64-based Systems unspecified -
MicrosoftWindows Server, version 1909 (Server Core installation) unspecified -

II. Public POCs for CVE-2020-0748

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-0748

登录查看更多情报信息。

Same Patch Batch · Microsoft · 2020-02-11 · 99 CVEs total

CVE-2020-0726Microsoft Win32k组件安全漏洞
CVE-2020-0720Microsoft Win32k组件安全漏洞
CVE-2020-0715Microsoft Windows Graphics组件安全漏洞
CVE-2020-0714Microsoft Windows DirectX 信息泄露漏洞
CVE-2020-0713Microsoft Edge和ChakraCore 缓冲区错误漏洞
CVE-2020-0712Microsoft Edge和ChakraCore 缓冲区错误漏洞
CVE-2020-0711Microsoft Edge和ChakraCore 缓冲区错误漏洞
CVE-2020-0716Microsoft Win32k组件信息泄露漏洞
CVE-2020-0724Microsoft Win32k组件安全漏洞
CVE-2020-0725Microsoft Win32k组件安全漏洞
CVE-2020-0723Microsoft Win32k组件安全漏洞
CVE-2020-0727Microsoft Connected User Experiences and Telemetry Service 安全漏洞
CVE-2020-0728Microsoft Windows 信息泄露漏洞
CVE-2020-0729Microsoft Windows和Windows Server 安全漏洞
CVE-2020-0730Microsoft Windows 后置链接漏洞
CVE-2020-0731Microsoft Windows Server 资源管理错误漏洞
CVE-2020-0732Microsoft DirectX 安全漏洞
CVE-2020-0733Microsoft Windows Malicious Software Removal Tool 安全漏洞
CVE-2020-0734Microsoft Remote Desktop Protocol Client 输入验证错误漏洞
CVE-2020-0735Microsoft Windows Search Indexer 安全漏洞

Showing top 20 of 99 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Windows
Same vendor: Microsoft

V. Comments for CVE-2020-0748

No comments yet

Leave a comment