ID:6584 - Exploit for Buffer overflow in Windows and Windows Server - CVE-2020-17087
Published: July 29, 2021
Windows
Windows Server
Link to public exploit:
Vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Windows Kernel Cryptography Driver cng.sys, which exposes a "\Device\CNG" device to user-mode programs and supports a variety of IOCTLs with non-trivial input structures. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code on the system with elevated privileges.
Note, this vulnerability is being actively exploited in the wild.