Details of VAR-202007-0310

ID

VAR-202007-0310

CVE

CVE-2020-1385

TITLE

plural Microsoft Windows Elevated permissions vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2020-007888

DESCRIPTION

An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices have security vulnerabilities, which stem from the inclusion of two undocumented administrator accounts. The sftp and mofidev accounts are defined in etc passwd, and the password is not unique in different installations. No detailed vulnerability details are currently provided

Trust: 2.16

sources: NVD: CVE-2020-1385 // JVNDB: JVNDB-2020-007888 // CNVD: CNVD-2021-13971

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-13971

AFFECTED PRODUCTS

vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	r2	Trust: 1.8
vendor:	microsoft	model:	windows server 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	1909	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1909	Trust: 1.0
vendor:	microsoft	model:	windows 8.1	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	1903	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1903	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1709	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1809	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	2004	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	2004	Trust: 1.0
vendor:	microsoft	model:	windows rt 8.1	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1607	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	1803	Trust: 1.0
vendor:	microsoft	model:	windows 10	scope:	eq	version:	for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1607 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1607 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1709 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1709 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1709 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1803 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1803 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1803 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1809 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1809 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1809 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1903 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1903 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1903 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1909 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1909 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 1909 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 2004 for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 2004 for arm64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 10	scope:	eq	version:	version 2004 for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows 8.1	scope:	eq	version:	for 32-bit systems	Trust: 0.8
vendor:	microsoft	model:	windows 8.1	scope:	eq	version:	for x64-based systems	Trust: 0.8
vendor:	microsoft	model:	windows rt 8.1	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	windows server	scope:	eq	version:	version 1903 (server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server	scope:	eq	version:	version 1909 (server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server	scope:	eq	version:	version 2004 (server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server 2012	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	(server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	r2 (server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server 2016	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	windows server 2016	scope:	eq	version:	(server core installation)	Trust: 0.8
vendor:	microsoft	model:	windows server 2019	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	windows server 2019	scope:	eq	version:	(server core installation)	Trust: 0.8
vendor:	mofi	model:	network mofi4500-4gxelte 3.6.1-std	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2021-13971 // JVNDB: JVNDB-2020-007888 // NVD: CVE-2020-1385

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-1385
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-007888
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2021-13971
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202007-644
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2020-1385
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-007888
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2021-13971
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-1385
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-007888
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-13971 // JVNDB: JVNDB-2020-007888 // CNNVD: CNNVD-202007-644 // NVD: CVE-2020-1385

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-269	Trust: 0.8

sources: JVNDB: JVNDB-2020-007888 // NVD: CVE-2020-1385

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202007-644

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202007-644

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-007888

PATCH

title:	CVE-2020-1385 \| Windows Credential Picker Elevation of Privilege Vulnerability	url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1385	Trust: 0.8
title:	CVE-2020-1385 \| Windows Credential Picker の特権の昇格の脆弱性	url:	https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/CVE-2020-1385	Trust: 0.8
title:	Patch for Mofi Network MOFI4500-4GXeLTE has unspecified vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/250481	Trust: 0.6
title:	Microsoft Windows Credential Picker Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124398	Trust: 0.6

sources: CNVD: CNVD-2021-13971 // JVNDB: JVNDB-2020-007888 // CNNVD: CNNVD-202007-644

EXTERNAL IDS

db:	NVD	id:	CVE-2020-1385	Trust: 3.0
db:	JVNDB	id:	JVNDB-2020-007888	Trust: 0.8
db:	CNVD	id:	CNVD-2021-13971	Trust: 0.6
db:	NSFOCUS	id:	47897	Trust: 0.6
db:	CNNVD	id:	CNNVD-202007-644	Trust: 0.6

sources: CNVD: CNVD-2021-13971 // JVNDB: JVNDB-2020-007888 // CNNVD: CNNVD-202007-644 // NVD: CVE-2020-1385

REFERENCES

url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2020-1385	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-1385	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1385	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20200715-ms.html	Trust: 0.8
url:	https://www.jpcert.or.jp/at/2020/at200029.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13858	Trust: 0.6
url:	https://vigilance.fr/vulnerability/microsoft-windows-vulnerabilities-of-july-2020-32825	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/47897	Trust: 0.6
url:	https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2020-1385	Trust: 0.6

sources: CNVD: CNVD-2021-13971 // JVNDB: JVNDB-2020-007888 // CNNVD: CNNVD-202007-644 // NVD: CVE-2020-1385

CREDITS

Zhiniang Peng (@edwardzpeng) & Xuefeng Li,Anonymous researcher

Trust: 0.6

sources: CNNVD: CNNVD-202007-644

SOURCES

db:	CNVD	id:	CNVD-2021-13971
db:	JVNDB	id:	JVNDB-2020-007888
db:	CNNVD	id:	CNNVD-202007-644
db:	NVD	id:	CVE-2020-1385

LAST UPDATE DATE

2024-08-14T13:23:51.615000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-13971	date:	2021-03-03T00:00:00
db:	JVNDB	id:	JVNDB-2020-007888	date:	2020-08-28T00:00:00
db:	CNNVD	id:	CNNVD-202007-644	date:	2021-01-05T00:00:00
db:	NVD	id:	CVE-2020-1385	date:	2021-07-21T11:39:23.747

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-13971	date:	2021-03-03T00:00:00
db:	JVNDB	id:	JVNDB-2020-007888	date:	2020-08-28T00:00:00
db:	CNNVD	id:	CNNVD-202007-644	date:	2020-07-14T00:00:00
db:	NVD	id:	CVE-2020-1385	date:	2020-07-14T23:15:15.417