Home

CVE-2020-0863

Description

An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka Connected User Experiences and Telemetry Service Information Disclosure Vulnerability.

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
0.392

Associated Vulnerability

VulnerabilityOS Platform
Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1903 for x64-based Systems (KB4540673)Windows
Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1909 for x86-based Systems (KB4540673)Windows
Scripting Engine Memory Corruption Vulnerability for Windows Server, version 1909 for x64-based Systems (KB4540673)Windows
Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB4540673)Windows
Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1903 for x86-based Systems (KB4540673)Windows
Scripting Engine Memory Corruption Vulnerability for Windows Server, version 1903 for x64-based Systems (KB4540673)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-285022020-03 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4540673)
PATCH-285032020-03 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB4540673)
PATCH-285042020-03 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4540673)
PATCH-285052020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4540673)
PATCH-285062020-03 Cumulative Update for Windows 10 Version 1903 for x86-based Systems (KB4540673)
PATCH-285072020-03 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4540673)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234