Microsoft Windows 10 Kernel disclosure vulnerability [CVE-2020-0791]
CVE number – CVE-2020-0791
Microsoft Windows 10 Kernel SetMapMode MM_HIENGLISH information disclosure vulnerability
An exploitable information disclosure vulnerability exists in the kernel of Microsoft Windows 10 Insider Preview Fast and Stable.
A specially crafted executable can cause an out-of-bounds read, resulting in information disclosure. To trigger this vulnerability, the attacker needs to execute a specially crafted executable.
With the lockdown of user-space application capabilities, Windows kernel’s attack surface presents a popular target for local privilege escalation exploits.
A vulnerability exists in the way window sizes are calculated. Triggering this vulnerability can be observed with special pool enabled in verifier for drivers from win32k.
While executing the supplied PoC, Windows kernel crashes inside vStrWrite01
from win32kfull
.
Versions
Microsoft Corporation Windows 10 Kernel Insider Preview Fast
Microsoft Corporation Windows 10 Kernel Stable
Discovered by Marcin Towalski of Cisco Talos.
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.