CVE-2020-1054
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- November 04, 2019
- Published Date
- May 21, 2020
- Last Updated
- February 07, 2025
- Vendor
- Microsoft
- Product
- Windows, Windows Server, Windows 10 Version 1909 for 32-bit Systems, Windows 10 Version 1909 for x64-based Systems, Windows 10 Version 1909 for ARM64-based Systems, Windows Server, version 1909 (Server Core installation), Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation)
- Description
- An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
CVSS Scores
SSVC Information
- Exploitation
- active
- Technical Impact
- total
References
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2021-11-03 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2020_1054_drawiconex_lpe.rb | 2025-04-29 11:01:40 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
cve_2020_1054_drawiconex_lpe
Type: metasploit • Created: Unknown
Naman2701B/CVE-2020-1054
Type: github • Created: 2025-04-16 03:38:02 UTC • Stars: 0
Graham382/CVE-2020-1054
Type: github • Created: 2020-10-28 00:48:43 UTC • Stars: 0
KaLendsi/CVE-2020-1054
Type: github • Created: 2020-07-25 11:56:48 UTC • Stars: 20
Iamgublin/CVE-2020-1054
Type: github • Created: 2020-07-19 08:20:57 UTC • Stars: 4