CVE-2020-16898
12 documents9 sources
Severity
8.8HIGH
EPSS
32.7%
top 3.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 16
Latest updateMay 24
Description
A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.
To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.
The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMP…
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages14 packages
Patches
🔴Vulnerability Details
2📋Vendor Advisories
1🕵️Threat Intelligence
3Qualys▶
Microsoft Windows TCP/IP Remote Code Execution Vulnerability (CVE-2020-16898) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR® | Qualys↗2020-10-14