Vulnerability Database

315,363

Total vulnerabilities in the database

CVE-2020-16901

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.

Published: Oct 16, 2020
Updated: Nov 16, 2025
CVE: CVE-2020-16901
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-665

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2016	1909	1909.x
microsoft / windows_10	1909	1909.x

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16901

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo