Fwd: [CIVN-2020-0186] Elevation of Privilege Vulnerability in Microsoft Edge (Chromium-based)

Severity Rating: MEDIUM

Software Affected

•Microsoft Edge (Chromium-based) versions prior to 83.0.478.37

Overview

A vulnerability has been reported in Microsoft Edge (Chromium-based) that

could allow a remote attacker to gain elevated privileges on a targeted

system.

Description

This vulnerability exists in the affected software due to improper

validation of input by the Feedback extension.

Successful exploitation of this vulnerability could allow the attacker to

write files to arbitrary locations and gain elevated privileges on the

targeted system .

Note: This vulnerability only exists in Chromium-based versions of

Microsoft Edge (which use Blink engine) and not the Edge HTML engine based

versions.

Solution

Update to version 83.0.478.37 as mentioned at

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1195

Vendor Information

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1195

References

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1195

CyberSecurityHelp

https://www.cybersecurity-help.cz/vdb/SB2020052204

CVE Name

Chromium-based)

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0186] Elevation of Privilege Vulnerability in Microsoft Edge (Chromium-based)

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive