CVE-2020-1485: Windows Image Acquisition Service Information Disclosure Vulnerability
First published: Mon Aug 17 2020(Updated: )
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory, aka 'Windows Image Acquisition Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1474.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2016 | =1909 | |
| Microsoft Windows Server 2016 | =2004 | |
| Microsoft Windows Server 2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-1485?
CVE-2020-1485 has a severity rating of important as it allows information disclosure in the Windows Image Acquisition Service.
How do I fix CVE-2020-1485?
To fix CVE-2020-1485, apply the Microsoft security updates that address this vulnerability for affected versions of Windows.
What versions of Windows are affected by CVE-2020-1485?
CVE-2020-1485 affects various versions of Windows, including Windows 7, Windows 10, and Windows Server editions.
What is the impact of CVE-2020-1485?
The impact of CVE-2020-1485 is the potential unauthorized disclosure of sensitive information from the memory of the Windows Image Acquisition Service.
Is CVE-2020-1485 unique from CVE-2020-1474?
Yes, CVE-2020-1485 is a unique vulnerability and should not be confused with CVE-2020-1474, which addresses different issues.
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- agent/references
- agent/title
- agent/remedy
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- version/microsoft windows 10/1809
- version/microsoft windows 10/1903
- version/microsoft windows 10/1909
- version/microsoft windows 10/2004
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- version/microsoft windows server/r2-sp1
- version/microsoft windows server/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1903
- version/microsoft windows server 2016/1909
- version/microsoft windows server 2016/2004
- canonical/microsoft windows server 2019