CVE-2020-0661 — Improper Input Validation in Microsoft Windows
Severity
6.8MEDIUMNVD
NVD6.0
EPSS
0.6%
top 30.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 11
Latest updateMay 24
Description
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0751.
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.3 | Impact: 4.0
Affected Packages6 packages
▶CVEListV5microsoft/windows10 Version 1607 for x64-based Systems, 10 Version 1809 for x64-based Systems+1
Patches
🔴Vulnerability Details
4GHSA▶
GHSA-3mg6-q5xj-qqwc: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest op↗2022-05-24
GHSA▶
GHSA-fmv8-rwjq-xv6f: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a g↗2022-05-24
CVEList▶
CVE-2020-0751: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a g↗2020-02-11
CVEList▶
CVE-2020-0661: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest op↗2020-02-11