{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T01:12:45.627","vulnerabilities":[{"cve":{"id":"CVE-2020-1355","sourceIdentifier":"secure@microsoft.com","published":"2020-07-14T23:15:13.480","lastModified":"2024-11-21T05:10:18.933","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Windows Font Driver Host handles memory., aka 'Windows Font Driver Host Remote Code Execution Vulnerability'."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota cuando el Windows Font Driver Host maneja inapropiadamente la memoria. Un atacante que explota con éxito la vulnerabilidad podría conseguir ejecución en un sistema víctima. La actualización de seguridad aborda la vulnerabilidad mediante la corrección de cómo el Windows Font Driver Host maneja la memoria, también se conoce como \"Windows Font Driver Host Remote Code Execution Vulnerability\""}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*","matchCriteriaId":"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*","matchCriteriaId":"E9273B95-20ED-4547-B0A8-95AD15B30372"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*","matchCriteriaId":"AAE74AF3-C559-4645-A6C0-25C3D647AAC8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*","matchCriteriaId":"5B921FDB-8E7D-427E-82BE-4432585080CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*","matchCriteriaId":"C253A63F-03AB-41CB-A03A-B2674DEA98AA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*","matchCriteriaId":"0B60D940-80C7-49F0-8F4E-3F99AC15FA82"}]}]}],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1355","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-875/","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1355","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-875/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}