Home

CVE-2020-1459

Description

An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation."To exploit this vulnerability, an attacker with local privileges would need to run a specially crafted application.The security update addresses the vulnerability by bypassing the speculative execution.

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
7.152

Associated Vulnerability

VulnerabilityOS Platform
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 2004 for x86-based Systems (KB4566782)Windows
Netlogon Elevation of Privilege Vulnerability for Windows Server, version 2004 for x64-based Systems (KB4566782)Windows
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 2004 for x64-based Systems (KB4566782)Windows
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB4565349)Windows
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB4565349)Windows
Netlogon Elevation of Privilege Vulnerability for Windows Server 2019 for x64-based Systems (KB4565349)Windows
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB4565351)Windows
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x64-based Systems (KB4565351)Windows
Netlogon Elevation of Privilege Vulnerability for Windows Server, version 1903 for x64-based Systems (KB4565351)Windows
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x86-based Systems (KB4565351)Windows
Netlogon Elevation of Privilege Vulnerability for Windows Server, version 1909 for x64-based Systems (KB4565351)Windows
Netlogon Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x86-based Systems (KB4565351)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-295022020-08 Cumulative Update for Windows 10 Version 2004 for x86-based Systems (KB4566782) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-295032020-08 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB4566782) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-295042020-08 Cumulative Update for Windows 10 Version 2004 for x64-based Systems (KB4566782) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294952020-08 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4565349) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294962020-08 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4565349) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294972020-08 Cumulative Update for Windows Server 2019 for x64-based Systems (KB4565349) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294892020-08 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4565351) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294902020-08 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4565351) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294912020-08 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4565351) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294922020-08 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB4565351) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294932020-08 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB4565351) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)
PATCH-294942020-08 Cumulative Update for Windows 10 Version 1903 for x86-based Systems (KB4565351) (CVE-2020-1464) (CVE-2020-1380) (CVE-2020-1472)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234