Published: 21/05/2020 Updated: 21/07/2021

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 410

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

An elevation of privilege vulnerability exists in .NET Framework which could allow an malicious user to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft .net_framework 3.0
microsoft .net_framework 3.5.1

CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统

引用这个漏洞属于Windows CardSpace服务未正确处理符号链接对象导致的任意文件替换的本地权限提升漏洞申明作者poc仅供研究目的,如果读者利用本poc从事其他行为,与本人无关目录 [toc] 分析漏洞影响范围适用于Windows7和Windows Server 2008 R2的普通用户和开启特殊配置的IIS用户漏洞原

cve-2020-1066 分析 blogcsdnnet/qq_37353105/article/details/114481214

NVD-CWE-noinfo https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1066 https://nvd.nist.gov https://github.com/cbwang505/CVE-2020-1066-EXP

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-1066

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect