CVE-2020-0794Improper Input Validation in Microsoft Windows

CWE-20Improper Input Validation8 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 53.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Microsoft WindowsMicrosoft Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Windows 10 Version 1903 FOR Arm64-based Systems+7 more
Timeline
PublishedApr 15
Latest updateMay 24

Description

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages10 packages

CVEListV5microsoft/windows9 versions+8
NVDmicrosoft/windows1803, 1903, 1909+2
NVDmicrosoft/windows_105 versions+4
CVEListV5microsoft/windows_server2019, 2019 (Core installation), version 1803 (Core Installation)+2

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-8qwq-wfr9-v7hf: A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'2022-05-24
CVEList
CVE-2020-0794: A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'2020-04-15

📋Vendor Advisories

1
Microsoft
Windows Denial of Service Vulnerability2020-04-14

🕵️Threat Intelligence

4
Unit42
Unit 42 Discovers 27 New Vulnerabilities Across Microsoft Products2020-10-02
Unit42
Unit 42 Discovers 27 New Vulnerabilities Across Microsoft Products2020-10-02
Talos
Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage2020-04-14
Talos
Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage2020-04-14
CVE-2020-0794 — Improper Input Validation in Microsoft | cvebase