CVE-2020-16967 Vulnerability Analysis & Exploit Details

Status: Modified - Last modified: 31 Dec 2023, 20:15 UTC Published: 16 Oct 2020, 23:15 UTC

CVE-2020-16967
Vulnerability Scoring

7.8
/10

Attack Complexity Details

  • Attack Complexity: Low Impact
  • Attack Vector: LOCAL
  • Privileges Required: None
  • Scope: UNCHANGED
  • User Interaction: REQUIRED

CIA Impact Definition

  • Confidentiality: HIGH IMPACT
  • Integrity: HIGH IMPACT
  • Availability: HIGH IMPACT

CVE-2020-16967 Vulnerability Summary

<p>A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of the Windows Camera Codec Pack. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how the Windows Camera Codec Pack handles objects in memory.</p>

Access Complexity Graph

Above is the Access Complexity Graph for CVE-2020-16967. It helps visualize the difficulty level and privilege requirements needed to exploit this vulnerability, providing a quick assessment of its exploitation feasibility.

CVSS Score Breakdown Chart

Above is the CVSS Sub-score Breakdown for CVE-2020-16967, illustrating how Base, Impact, and Exploitability factors combine to form the overall severity rating. A higher sub-score typically indicates a more severe or easier-to-exploit vulnerability.

Impact Analysis

Below is the Impact Analysis for CVE-2020-16967, showing how Confidentiality, Integrity, and Availability might be affected if the vulnerability is exploited. Higher values usually signal greater potential damage.

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 3.567% (probability of exploit)

EPSS Percentile: 91.65% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 8.349999999999994% of others.

CVE-2020-16967 Detailed Information and External References

References

CWE

NVD-CWE-noinfo

Vulnerable Configurations

  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*

CVSS3 Source

secure@microsoft.com

CVSS3 Type

Primary

CVSS3 Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Protect Your Infrastructure: Combat Critical CVE Threats

Stay updated with real-time CVE vulnerabilities and take action to secure your systems. Enhance your cybersecurity posture with the latest threat intelligence and mitigation techniques. Develop the skills necessary to defend against CVEs and secure critical infrastructures. Join the top cybersecurity professionals safeguarding today's infrastructures.

Other Recently Published CVEs

  • CVE-2024-57964 – Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially dis...
  • CVE-2024-57963 – Insecure Loading of Dynamic Link Libraries have been discovered in USB-CONVERTERCABLE DRIVER, which could allow local attackers to potentially disc...
  • CVE-2024-13523 – The MemorialDay plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to missin...
  • CVE-2024-45320 – Out-of-bounds write vulnerability exists in DocuPrint CP225w 01.22.01 and earlier, DocuPrint CP228w 01.22.01 and earlier, DocuPrint CM225fw 01.10.0...
  • CVE-2024-13556 – The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress is vulnerable to PHP Object Injection in all versi...
  • CVE-2024-13438 – The SpeedSize Image & Video AI-Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5...
  • CVE-2024-13315 – The Shopwarden – Automated WooCommerce monitoring & testing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,...
  • CVE-2025-0805 – The Mortgage Calculator / Loan Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mlcalc' shortcode in ...
  • CVE-2025-0796 – The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.10. Thi...
  • CVE-2024-13852 – The Option Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing nonce validation on the p...