An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0675 | Patch Vendor Advisory |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0675 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:53
Type | Values Removed | Values Added |
---|---|---|
References | () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0675 - Patch, Vendor Advisory |
Information
Published : 2020-02-11 22:15
Updated : 2024-11-21 04:53
NVD link : CVE-2020-0675
Mitre link : CVE-2020-0675
CVE.ORG link : CVE-2020-0675
JSON object : View
Products Affected
microsoft
- windows_server_2008
- windows_8.1
- windows_server_2016
- windows_server_2012
- windows_7
- windows_rt_8.1
- windows_server_2019
- windows_10
CWE