CVE-2020-1034
Describe
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
ImpactVersion
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows 10 | x64/x86/ARM64 | 2004 | ||
| Windows 10 | x64/x86/ARM64 | 1909 | ||
| Windows 10 | x64/x86/ARM64 | 1903 | ||
| Windows 10 | x64/x86/ARM64 | 1809 | ||
| Windows 10 | x64/x86/ARM64 | 1803 | ||
| Windows 10 | x64/x86/ARM64 | 1709 | ||
| Windows 10 | x64/x86 | 1607 | ||
| Windows 10 | x64/x86 | |||
| Windows 8.1 | x64/x86 | |||
| Windows RT 8.1 | ||||
| Windows Server 2019 | ||||
| Windows Server 2016 | ||||
| Windows Server 2012 | R2 | |||
| Windows Server 2012 | ||||
| Windows Server | 2004 | |||
| Windows Server | 1909 | |||
| Windows Server | 1903 |
Patch
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1034
Utilization
None
Analyze
- https://windows-internals.com/exploiting-a-simple-vulnerability-in-35-easy-steps-or-less
- https://windows-internals.com/exploiting-a-simple-vulnerability-part-1-5-the-info-leak/
- https://windows-internals.com/exploiting-a-simple-vulnerability-part-2-what-if-we-made-exploitation-harder/
- https://cloud.tencent.com/developer/article/1750818
- https://www.4hou.com/posts/Np4N
- https://www.anquanke.com/post/id/223724