What is CVE-2020-1122?

An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Language Pack Installer handles file operations.

How severe is CVE-2020-1122?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2020-1122?

This is classified as CWE-754, which is a common weakness in software security.

CVE-2020-1122

HIGH Year: 2020

CVSS v3 Score

7.8

High

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-754

View all →

Vulnerability Description

An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Language Pack Installer handles file operations.

CVE-2018-13013

HIGH

CVSS:7.8(High)

Improper check of unusual conditions when launching msiexec.exe in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSo...

CWE-7542018

CVE-2020-24450

HIGH

CVSS:7.8(High)

Improper conditions check in some Intel(R) Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privileg...

CWE-7542020

CVE-2020-35931

HIGH

CVSS:7.8(High)

An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). An attacker can spoof a certified PDF ...

CWE-7542020

CVE-2021-0339

HIGH

CVSS:7.8(High)

In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege w...

CWE-7542021

CVE-2021-29607

HIGH

CVSS:7.8(High)

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as...

CWE-7542021

CVE-2021-32946

HIGH

CVSS:7.8(High)

An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-...

CWE-7542021

CVE-2020-1122

Vulnerability Description

Related Vulnerabilities

CVE-2018-13013

CVE-2020-24450

CVE-2020-35931

CVE-2021-0339

CVE-2021-29607

CVE-2021-32946