CVE-2020-1393
First published: Tue Jul 14 2020(Updated: )
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Visual Studio | =2015-update_3 | |
| Microsoft Visual Studio 2017 | >=15.0<15.9.25 | |
| Microsoft Visual Studio 2019 | >=16.0<16.4.11 | |
| Microsoft Visual Studio 2019 | >=16.5.0<16.6.4 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2016 | =1909 | |
| Microsoft Windows Server 2016 | =2004 | |
| Microsoft Windows Server 2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-1393?
CVE-2020-1393 is an elevation of privilege vulnerability that exists in the Windows Diagnostics Hub Standard Collector Service.
How does CVE-2020-1393 affect Microsoft Visual Studio?
CVE-2020-1393 affects Microsoft Visual Studio 2015 (update 3), Visual Studio 2017 (version 15.0 to 15.9.25), and Visual Studio 2019 (version 16.0 to 16.4.11 and version 16.5.0 to 16.6.4).
How does CVE-2020-1393 affect Windows 10?
CVE-2020-1393 affects various versions of Windows 10, including 1607, 1709, 1803, 1809, 1903, 1909, and 2004.
What is the severity of CVE-2020-1393?
CVE-2020-1393 has a severity rating of 7.8 (high).
How can I fix CVE-2020-1393?
To fix CVE-2020-1393, it is recommended to apply the security updates provided by Microsoft.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/author
- agent/references
- agent/remedy
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft visual studio
- version/microsoft visual studio/2015-update_3
- canonical/microsoft visual studio 2017
- version/microsoft visual studio 2017/15.0
- canonical/microsoft visual studio 2019
- version/microsoft visual studio 2019/16.0
- version/microsoft visual studio 2019/16.5.0
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- version/microsoft windows 10/1809
- version/microsoft windows 10/1903
- version/microsoft windows 10/1909
- version/microsoft windows 10/2004
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1903
- version/microsoft windows server 2016/1909
- version/microsoft windows server 2016/2004
- canonical/microsoft windows server 2019