Win 10 Spatial Data Service Elevation of Privilege vulnerability – 17th Jun 2020

Preface: On Jul 2019, found vulnerability in the Windows Spatial Data Service could allow file deletion in arbitrary locations on Windows system found The official announcement this week state that Windows Spatial Data Service improperly handles objects in memory causes elevation of Privilege Vulnerability.

Background: The Spatial Data Service is running as NT AUTHORITY\LocalService in a shared process of svchost[.]exe.
This service is used for Spatial Perception scenarios. This service exists in Windows 10 only.

Vulnerability details: If a number is higher or lower than a range of values or there are too many characters in a text entry, a boundary error occurs. The vulnerability exists due to a boundary error when the Windows Spatial Data Service improperly handles objects in memory. A local user can use a specially crafted application to trigger memory corruption and execute arbitrary code on the target system.

Official remedy solution – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1441

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.