CVE-2020-0605
Severity
8.8HIGH
EPSS
34.1%
top 3.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 14
Latest updateFeb 2
Description
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0606.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages52 packages
▶CVEListV5microsoft/microsoft_.net_framework_3.0Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2, Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2, Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2+2
▶CVEListV5microsoft/microsoft_.net_framework_4.6Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2+1