CVE-2020-1593Microsoft Windows 10 Version 1507 vulnerability

4 documents4 sources
Severity
8.8HIGHNVD
CNA7.6
EPSS
1.3%
top 20.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
22
Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607Microsoft Windows 10 Version 1709+19 more
Timeline
PublishedSep 11
Latest updateMay 24

Description

A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage. The security update addresses the vulnerability by correcting how Windows Media Audio Decoder handles obj

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages23 packages

CVEListV5microsoft/windows_76.1.0publication

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-xrqx-j38x-m6pj: A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects, aka 'Windows Media Audio Decoder Remote Code2022-05-24
CVEList
Windows Media Audio Decoder Remote Code Execution Vulnerability2020-09-11

📋Vendor Advisories

1
Microsoft
Windows Media Audio Decoder Remote Code Execution Vulnerability2020-09-08
CVE-2020-1593 — Microsoft vulnerability | cvebase