cve/2020/CVE-2020-1054.md

### [CVE-2020-1054](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1054)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen)

### Description

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

### POC

#### Reference
- http://packetstormsecurity.com/files/160515/Microsoft-Windows-DrawIconEx-Local-Privilege-Escalation.html

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/0xcyberpj/windows-exploitation
- https://github.com/0xeb-bp/cve-2020-1054
- https://github.com/0xpetros/windows-privilage-escalation
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Al1ex/WindowsElevation
- https://github.com/Ascotbe/Kernelhub
- https://github.com/CnHack3r/Penetration_PoC
- https://github.com/Cruxer8Mech/Idk
- https://github.com/EchoGin404/-
- https://github.com/EchoGin404/gongkaishouji
- https://github.com/FULLSHADE/WindowsExploitationResources
- https://github.com/Graham382/CVE-2020-1054
- https://github.com/Iamgublin/CVE-2020-1054
- https://github.com/KaLendsi/CVE-2020-1054
- https://github.com/LegendSaber/exp_x64
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/MustafaNafizDurukan/WindowsKernelExploitationResources
- https://github.com/NitroA/windowsexpoitationresources
- https://github.com/NullArray/WinKernel-Resources
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/SexyBeast233/SecBooks
- https://github.com/TamilHackz/windows-exploitation
- https://github.com/Tyro-Shan/gongkaishouji
- https://github.com/YIXINSHUWU/Penetration_Testing_POC
- https://github.com/ZTK-009/Penetration_PoC
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/fei9747/WindowsElevation
- https://github.com/hasee2018/Penetration_Testing_POC
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/bug-bounty
- https://github.com/huike007/penetration_poc
- https://github.com/huike007/poc
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/lyshark/Windows-exploits
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/password520/Penetration_PoC
- https://github.com/pentration/gongkaishouji
- https://github.com/soosmile/POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/ycdxsb/Exploits
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
- https://github.com/yedada-wei/-
- https://github.com/yedada-wei/gongkaishouji
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-1054](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1054)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen)`

			`### Description`

			`An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/160515/Microsoft-Windows-DrawIconEx-Local-Privilege-Escalation.html`

			`#### Github`
			`- https://github.com/0xT11/CVE-POC`
			`- https://github.com/0xcyberpj/windows-exploitation`
			`- https://github.com/0xeb-bp/cve-2020-1054`
			`- https://github.com/0xpetros/windows-privilage-escalation`
			`- https://github.com/20142995/sectool`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/Al1ex/WindowsElevation`
			`- https://github.com/Ascotbe/Kernelhub`
			`- https://github.com/CnHack3r/Penetration_PoC`
Update Mon May 27 13:12:02 UTC 2024 2024-05-27 13:12:02 +00:00			`- https://github.com/Cruxer8Mech/Idk`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/EchoGin404/-`
			`- https://github.com/EchoGin404/gongkaishouji`
			`- https://github.com/FULLSHADE/WindowsExploitationResources`
			`- https://github.com/Graham382/CVE-2020-1054`
			`- https://github.com/Iamgublin/CVE-2020-1054`
			`- https://github.com/KaLendsi/CVE-2020-1054`
			`- https://github.com/LegendSaber/exp_x64`
			`- https://github.com/Mr-xn/Penetration_Testing_POC`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/MustafaNafizDurukan/WindowsKernelExploitationResources`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/NitroA/windowsexpoitationresources`
			`- https://github.com/NullArray/WinKernel-Resources`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/SexyBeast233/SecBooks`
			`- https://github.com/TamilHackz/windows-exploitation`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/Tyro-Shan/gongkaishouji`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/YIXINSHUWU/Penetration_Testing_POC`
Update Mon May 27 13:12:02 UTC 2024 2024-05-27 13:12:02 +00:00			`- https://github.com/ZTK-009/Penetration_PoC`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/alphaSeclab/sec-daily-2020`
			`- https://github.com/developer3000S/PoC-in-GitHub`
			`- https://github.com/fei9747/WindowsElevation`
			`- https://github.com/hasee2018/Penetration_Testing_POC`
			`- https://github.com/hectorgie/PoC-in-GitHub`
			`- https://github.com/hktalent/bug-bounty`
			`- https://github.com/huike007/penetration_poc`
			`- https://github.com/huike007/poc`
			`- https://github.com/lions2012/Penetration_Testing_POC`
			`- https://github.com/lyshark/Windows-exploits`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/password520/Penetration_PoC`
Update CVE sources 2024-08-12 19:01 2024-08-12 19:01:27 +00:00			`- https://github.com/pentration/gongkaishouji`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/soosmile/POC`
			`- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/xuetusummer/Penetration_Testing_POC`
			`- https://github.com/ycdxsb/Exploits`
			`- https://github.com/ycdxsb/WindowsPrivilegeEscalation`
			`- https://github.com/yedada-wei/-`
			`- https://github.com/yedada-wei/gongkaishouji`