Microsoft Patch Tuesday, December 2020

Basic MS Vulnerabilities Scores Statistics

Vulristics Vulnerability Scores

Urgent (0)

Critical (1)

1. Remote Code Execution - Microsoft Exchange (CVE-2020-17144) - Critical [705]
componentvalueweightcomment
Exploited in the Wild1.018Exploitation in the wild is mentioned at Vulners (AttackerKB object), AttackerKB
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft Exchange
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

qualys: Microsoft patched five Remote Code Execution vulnerabilities in Exchange (CVE-2020-17141, CVE-2020-17142, CVE-2020-17144, CVE-2020-17117, CVE-2020-17132), which would allow an attacker to run code as system by sending a malicious email. Microsoft does rank them as “Exploitation Less Likely,” but due to the open attack vector, these patches should be prioritized on all Exchange Servers.

tenable: CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142 and CVE-2020-17144 are remote code execution (RCE) vulnerabilities in Microsoft Exchange. All of these have been labeled by Microsoft as “Exploitation Less Likely” with the exception of CVE-2020-17144, which has been labeled as “Exploitation More Likely.”

rapid7: While there are a total of six vulnerabilities from Microsoft Exchange Server this month, two of them garner a CVSS score of 9.1 (CVE-2020-17132, CVE-2020-17142) and one is noted by Microsoft has having a higher chance of exploitability (CVE-2020-17144). These three warrant an additional examination and may be grounds for prioritizing patching.

rapid7: In contrast, CVE-2020-17144 which is another remote code execution vulnerability also stemming from improper validation for cmdlet arguments, this one only affects Exchange Server 2010 SP3 and does require additional user interaction to successfully execute. This is extra interesting as Microsoft Exchange Server 2010 passed end of life back on October 22, 2020. The introduction of this post-EOL patch for Microsoft Exchange Server 2010 coupled with Microsoft noting this vulnerability to be more likely exploitable does suggest prioritizing this patch a bit earlier.

High (23)

2. Remote Code Execution - Windows NTFS (CVE-2020-17096) - High [500]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

qualys: While listed as Important, there is a RCE vulnerability (CVE-2020-17096) in Microsoft Windows. A local attacker could exploit this vulnerability to elevate the attacker’s privileges or a remote attacker with SMBv2 access to affected system could send malicious requests over the network.

tenable: CVE-2020-17096 is an RCE in Windows NT File System (NTFS), the file system used in Microsoft Windows and Microsoft Windows Server. No user interaction is required to exploit this vulnerability. Depending on the attacker’s position, there are a few avenues for exploitation. For an attacker that has already established a local position on the vulnerable system, executing a malicious application that exploits the flaw would result in an elevation of privileges. Alternatively, a remote attacker could exploit the flaw by sending malicious requests to a vulnerable system, so long as they could access it over the Server Message Block version 2 protocol (SMBv2). Successful exploitation in this context would grant the attacker arbitrary code execution.

3. Remote Code Execution - Microsoft Exchange (CVE-2020-17132) - High [475]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft Exchange
CVSS Base Score0.910NVD Vulnerability Severity Rating is Critical

qualys: Microsoft patched five Remote Code Execution vulnerabilities in Exchange (CVE-2020-17141, CVE-2020-17142, CVE-2020-17144, CVE-2020-17117, CVE-2020-17132), which would allow an attacker to run code as system by sending a malicious email. Microsoft does rank them as “Exploitation Less Likely,” but due to the open attack vector, these patches should be prioritized on all Exchange Servers.

tenable: CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142 and CVE-2020-17144 are remote code execution (RCE) vulnerabilities in Microsoft Exchange. All of these have been labeled by Microsoft as “Exploitation Less Likely” with the exception of CVE-2020-17144, which has been labeled as “Exploitation More Likely.”

tenable: CVE-2020-17132 is credited to Steven Seeley, a researcher at Source Incite, who is frequently acknowledged for his disclosure of vulnerabilities during Patch Tuesday.

tenable: In September’s Patch Tuesday release, Seeley was credited with discovering CVE-2020-16875, which he intended to blog about until he discovered a patch bypass for the flaw. Seeley has now confirmed that CVE-2020-17132 addresses this patch bypass.

tenable: CVE-2020-17132 patches the patch bypass apparently https://t.co/BKw0IKSFoB

tenable: CVE-2020-17132 patches the patch bypass apparently https://t.co/BKw0IKSFoB — ϻг_ϻε (@steventseeley) December 8, 2020

rapid7: While there are a total of six vulnerabilities from Microsoft Exchange Server this month, two of them garner a CVSS score of 9.1 (CVE-2020-17132, CVE-2020-17142) and one is noted by Microsoft has having a higher chance of exploitability (CVE-2020-17144). These three warrant an additional examination and may be grounds for prioritizing patching.

rapid7: There is currently suspicion that CVE-2020-17132 helps address the patch bypass of CVE-2020-16875 (CVSS 8.4) from September 2020. As well, both CVE-2020-17132 and CVE-2020-17142 are remote code execution vulnerabilities occurring due to improper validation of cmdlet arguments that affect all supported (as of writing) versions of Microsoft Exchange. One important note to consider is while these vulnerabilities have received a CVSS score of 9.1 and do not require additional user interaction, an attacker must be in an authenticated role in order to exploit this vulnerability.

zdi: CVE-2020-17132 - Microsoft Exchange Remote Code Execution Vulnerability. This is one of several Exchange code execution bugs, and it is credited to three different researchers. This implies the bug was somewhat easy to find, and other researchers are likely to find the root cause, too. Microsoft doesn’t provide an attack scenario here but does note that the attacker needs be authenticated. This indicates that if you take over someone’s mailbox, you can take over the entire Exchange server. With all of the other Exchange bugs, definitely prioritize your Exchange test and deployment.

4. Remote Code Execution - Microsoft Exchange (CVE-2020-17142) - High [475]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft Exchange
CVSS Base Score0.910NVD Vulnerability Severity Rating is Critical

qualys: Microsoft patched five Remote Code Execution vulnerabilities in Exchange (CVE-2020-17141, CVE-2020-17142, CVE-2020-17144, CVE-2020-17117, CVE-2020-17132), which would allow an attacker to run code as system by sending a malicious email. Microsoft does rank them as “Exploitation Less Likely,” but due to the open attack vector, these patches should be prioritized on all Exchange Servers.

tenable: CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142 and CVE-2020-17144 are remote code execution (RCE) vulnerabilities in Microsoft Exchange. All of these have been labeled by Microsoft as “Exploitation Less Likely” with the exception of CVE-2020-17144, which has been labeled as “Exploitation More Likely.”

rapid7: While there are a total of six vulnerabilities from Microsoft Exchange Server this month, two of them garner a CVSS score of 9.1 (CVE-2020-17132, CVE-2020-17142) and one is noted by Microsoft has having a higher chance of exploitability (CVE-2020-17144). These three warrant an additional examination and may be grounds for prioritizing patching.

rapid7: There is currently suspicion that CVE-2020-17132 helps address the patch bypass of CVE-2020-16875 (CVSS 8.4) from September 2020. As well, both CVE-2020-17132 and CVE-2020-17142 are remote code execution vulnerabilities occurring due to improper validation of cmdlet arguments that affect all supported (as of writing) versions of Microsoft Exchange. One important note to consider is while these vulnerabilities have received a CVSS score of 9.1 and do not require additional user interaction, an attacker must be in an authenticated role in order to exploit this vulnerability.

5. Security Feature Bypass - Windows Overlay Filter (CVE-2020-17139) - High [466]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

6. Remote Code Execution - Microsoft Exchange (CVE-2020-17141) - High [462]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft Exchange
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

qualys: Microsoft patched five Remote Code Execution vulnerabilities in Exchange (CVE-2020-17141, CVE-2020-17142, CVE-2020-17144, CVE-2020-17117, CVE-2020-17132), which would allow an attacker to run code as system by sending a malicious email. Microsoft does rank them as “Exploitation Less Likely,” but due to the open attack vector, these patches should be prioritized on all Exchange Servers.

tenable: CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142 and CVE-2020-17144 are remote code execution (RCE) vulnerabilities in Microsoft Exchange. All of these have been labeled by Microsoft as “Exploitation Less Likely” with the exception of CVE-2020-17144, which has been labeled as “Exploitation More Likely.”

7. Security Feature Bypass - Kerberos (CVE-2020-16996) - High [452]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common1.014Kerberos
CVSS Base Score0.610NVD Vulnerability Severity Rating is Medium

zdi: CVE-2020-16996 - Kerberos Security Feature Bypass Vulnerability. This patch corrects a security feature bypass (SFB) bug in Kerberos, but thanks to Microsoft’s decision to remove executive summaries and only provide a CVSS score, we don’t know what specific features are being bypassed. We do know this impacts Kerberos Resource-Based Constrained Delegation (RBCD), as Microsoft has released guidance on managing the deployment of RBCD/Protected User changes in a new KB article. This likely helps to protect against RBCD attacks such as the one detailed here. This patch adds the NonForwardableDelegation registry key to enable protection on Active Directory domain controller servers. This will be enforced in a future update in February.

8. Security Feature Bypass - Windows Lock Screen (CVE-2020-17099) - High [452]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.610NVD Vulnerability Severity Rating is Medium

qualys: An important vulnerability is patched by Microsoft (CVE-2020-17099) where an attacker with physical access to the target system could perform actions on a locked system, thereby executing code from Windows lock screen in the context of the active user session. This patch should be prioritized across all Windows devices.

9. Remote Code Execution - Microsoft Exchange (CVE-2020-17117) - High [448]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.814Microsoft Exchange
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

qualys: Microsoft patched five Remote Code Execution vulnerabilities in Exchange (CVE-2020-17141, CVE-2020-17142, CVE-2020-17144, CVE-2020-17117, CVE-2020-17132), which would allow an attacker to run code as system by sending a malicious email. Microsoft does rank them as “Exploitation Less Likely,” but due to the open attack vector, these patches should be prioritized on all Exchange Servers.

tenable: CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142 and CVE-2020-17144 are remote code execution (RCE) vulnerabilities in Microsoft Exchange. All of these have been labeled by Microsoft as “Exploitation Less Likely” with the exception of CVE-2020-17144, which has been labeled as “Exploitation More Likely.”

10. Remote Code Execution - Hyper-V (CVE-2020-17095) - High [437]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Hyper-V
CVSS Base Score0.910NVD Vulnerability Severity Rating is Critical

qualys: Microsoft also patched an RCE vulnerability in Hyper-V (CVE-2020-17095) which allows an attacker to run malicious programs on Hyper-V virtual machine to execute arbitrary code on the host system when it fails to properly validate vSMB packet data. This should be prioritized on all Hyper-V systems.

zdi: CVE-2020-17095 - Hyper-V Remote Code Execution Vulnerability. This patch corrects a bug that could allow an attacker to escalate privileges from code execution in a Hyper-V guest to code execution on the Hyper-V host by passing invalid vSMB packet data. It appears that no special permissions are needed on the guest OS to exploit this vulnerability. This bug also has the highest CVSS score (8.5) for the release. However, if Microsoft is wrong about the attack complexity, this could rate as high as 9.9.

11. Remote Code Execution - Microsoft SharePoint (CVE-2020-17118) - High [437]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614SharePoint
CVSS Base Score0.910NVD Vulnerability Severity Rating is Critical

qualys: Microsoft patched two RCEs (CVE-2020-17121 and CVE-2020-17118) in SharePoint. CVE-2020-17121 allows an authenticated attacker to gain access to create a site and execute code remotely within the kernel. Because of this, it is highly recommended to prioritize these patches across all SharePoint deployments.

tenable: CVE-2020-17118 and CVE-2020-17121 are RCE vulnerabilities in Microsoft SharePoint, which are labeled as “Exploitation More Likely” by Microsoft.

12. Remote Code Execution - Microsoft Excel (CVE-2020-17122) - High [429]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

tenable: CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128 and CVE-2020-17129 are RCE vulnerabilities in Microsoft Excel. All six of these vulnerabilities were assigned a CVSSv3 score of 7.8 and labeled as “Exploitation Less Likely” by Microsoft.

13. Remote Code Execution - Microsoft Excel (CVE-2020-17123) - High [429]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

tenable: CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128 and CVE-2020-17129 are RCE vulnerabilities in Microsoft Excel. All six of these vulnerabilities were assigned a CVSSv3 score of 7.8 and labeled as “Exploitation Less Likely” by Microsoft.

tenable: Details about CVE-2020-17123, which is credited to Marcin Noga of Cisco Talos Intelligence Group, have been published on the Talos blog. According to their description, the CVE-2020-17123 is a use-after-free vulnerability in Microsoft Excel. Exploitation of this flaw requires an attacker to socially engineer their victim into opening a malicious XLS file, either via email or hosting the file on a website and convincing the user to download and open it. Successful exploitation would result in remote code execution in the context of the current user. If the user has administrative privileges, it would result in a full system compromise.

tenable: While there are no further details for the five remaining Excel vulnerabilities, if they echo CVE-2020-17123 and past Excel flaws, the attack vector could be similar, requiring a user to open a malicious XLS file either via email or by convincing them to download and execute the file from a website. However, Microsoft notes that the Outlook Preview Pane is not affected by these vulnerabilities, which means a victim would need to open the XLS file directly to trigger the exploit.

14. Remote Code Execution - Microsoft Excel (CVE-2020-17125) - High [429]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

tenable: CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128 and CVE-2020-17129 are RCE vulnerabilities in Microsoft Excel. All six of these vulnerabilities were assigned a CVSSv3 score of 7.8 and labeled as “Exploitation Less Likely” by Microsoft.

15. Remote Code Execution - Microsoft Excel (CVE-2020-17127) - High [429]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

tenable: CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128 and CVE-2020-17129 are RCE vulnerabilities in Microsoft Excel. All six of these vulnerabilities were assigned a CVSSv3 score of 7.8 and labeled as “Exploitation Less Likely” by Microsoft.

16. Remote Code Execution - Microsoft Excel (CVE-2020-17128) - High [429]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

tenable: CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128 and CVE-2020-17129 are RCE vulnerabilities in Microsoft Excel. All six of these vulnerabilities were assigned a CVSSv3 score of 7.8 and labeled as “Exploitation Less Likely” by Microsoft.

17. Remote Code Execution - Microsoft Excel (CVE-2020-17129) - High [429]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

tenable: CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128 and CVE-2020-17129 are RCE vulnerabilities in Microsoft Excel. All six of these vulnerabilities were assigned a CVSSv3 score of 7.8 and labeled as “Exploitation Less Likely” by Microsoft.

18. Remote Code Execution - Microsoft SharePoint (CVE-2020-17121) - High [424]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614SharePoint
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

qualys: Microsoft patched two RCEs (CVE-2020-17121 and CVE-2020-17118) in SharePoint. CVE-2020-17121 allows an authenticated attacker to gain access to create a site and execute code remotely within the kernel. Because of this, it is highly recommended to prioritize these patches across all SharePoint deployments.

tenable: CVE-2020-17118 and CVE-2020-17121 are RCE vulnerabilities in Microsoft SharePoint, which are labeled as “Exploitation More Likely” by Microsoft.

tenable: For CVE-2020-17121, Microsoft notes that the attack is network-based and, provided the targeted user has the required privileges, an attacker could gain access to SharePoint to craft a site and in turn remotely execute arbitrary code within the kernel.

tenable: The Zero Day Initiative (ZDI) is credited with reporting CVE-2020-17121 and offers additional details about the vulnerability in their summary blog. They note that exploitation would allow the execution of arbitrary .NET code in the context of the SharePoint Web Application service account. In SharePoint’s default configuration, it allows authenticated users to create sites with the required permissions to launch the attack which lines up with Microsoft’s FAQ.

zdi: CVE-2020-17121 - Microsoft SharePoint Remote Code Execution Vulnerability. Originally reported through the ZDI program, this patch corrects a bug that could allow an authenticated user to execute arbitrary .NET code on an affected server in the context of the SharePoint Web Application service account. In its default configuration, authenticated SharePoint users are able to create sites that provide all of the necessary permissions that are prerequisites for launching an attack. Similar bugs patched earlier this year received quite a bit of attention. We suspect this one will, too.

19. Remote Code Execution - Microsoft Dynamics 365 for Finance and Operations (on-premises) (CVE-2020-17152) - High [424]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Microsoft Dynamics 365
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

20. Remote Code Execution - Microsoft Dynamics 365 for Finance and Operations (on-premises) (CVE-2020-17158) - High [424]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Microsoft Dynamics 365
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

21. Remote Code Execution - Visual Studio Code Remote Development Extension (CVE-2020-17148) - High [410]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Visual Studio
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

22. Remote Code Execution - Visual Studio Code (CVE-2020-17150) - High [410]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Visual Studio
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

23. Remote Code Execution - Visual Studio (CVE-2020-17156) - High [410]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Visual Studio
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

24. Remote Code Execution - Visual Studio Code Java Extension Pack (CVE-2020-17159) - High [410]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.614Visual Studio
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

Medium (30)

25. Security Feature Bypass - Microsoft Excel (CVE-2020-17130) - Medium [395]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.610NVD Vulnerability Severity Rating is Medium

26. Elevation of Privilege - Windows Backup Engine (CVE-2020-16958) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

27. Elevation of Privilege - Windows Backup Engine (CVE-2020-16959) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

28. Elevation of Privilege - Windows Backup Engine (CVE-2020-16960) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

29. Elevation of Privilege - Windows Backup Engine (CVE-2020-16961) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

30. Elevation of Privilege - Windows Backup Engine (CVE-2020-16962) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

31. Elevation of Privilege - Windows Backup Engine (CVE-2020-16963) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

32. Elevation of Privilege - Windows Backup Engine (CVE-2020-16964) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

33. Elevation of Privilege - Windows Network Connections Service (CVE-2020-17092) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

34. Elevation of Privilege - Windows Digital Media Receiver (CVE-2020-17097) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

35. Elevation of Privilege - Windows Cloud Files Mini Filter Driver (CVE-2020-17103) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

36. Elevation of Privilege - Windows Cloud Files Mini Filter Driver (CVE-2020-17134) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

37. Elevation of Privilege - Windows Cloud Files Mini Filter Driver (CVE-2020-17136) - Medium [385]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

38. Security Feature Bypass - Azure SDK for Java (CVE-2020-16971) - Medium [379]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.414Azure Sphere
CVSS Base Score0.910NVD Vulnerability Severity Rating is Critical

39. Security Feature Bypass - Azure SDK for C (CVE-2020-17002) - Medium [379]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.915Security Feature Bypass
Vulnerable Product is Common0.414Azure Sphere
CVSS Base Score0.910NVD Vulnerability Severity Rating is Critical

40. Elevation of Privilege - DirectX Graphics Kernel (CVE-2020-17137) - Medium [366]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.914DirectX
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

41. Information Disclosure - Windows SMB (CVE-2020-17140) - Medium [351]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.610NVD Vulnerability Severity Rating is Medium

42. Memory Corruption - Chakra Scripting Engine (CVE-2020-17131) - Medium [348]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.615Memory Corruption
Vulnerable Product is Common0.714MS Internet Browser
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

43. Information Disclosure - Microsoft Exchange (CVE-2020-17143) - Medium [340]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.814Microsoft Exchange
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

44. Information Disclosure - Windows Error Reporting (CVE-2020-17094) - Medium [337]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.510NVD Vulnerability Severity Rating is Medium

45. Information Disclosure - Windows GDI+ (CVE-2020-17098) - Medium [337]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.510NVD Vulnerability Severity Rating is Medium

46. Information Disclosure - Windows Error Reporting (CVE-2020-17138) - Medium [337]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common1.014Windows component
CVSS Base Score0.510NVD Vulnerability Severity Rating is Medium

47. Elevation of Privilege - Microsoft SharePoint (CVE-2020-17089) - Medium [322]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.515Elevation of Privilege
Vulnerable Product is Common0.614SharePoint
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

48. Remote Code Execution - Microsoft PowerPoint (CVE-2020-17124) - Medium [316]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type1.015Remote Code Execution
Vulnerable Product is Common0.114Other less common product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

49. Information Disclosure - Microsoft Outlook (CVE-2020-17119) - Medium [308]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.710NVD Vulnerability Severity Rating is High

50. Spoofing - Microsoft SharePoint (CVE-2020-17115) - Medium [302]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.614SharePoint
CVSS Base Score0.810NVD Vulnerability Severity Rating is High

51. Information Disclosure - Microsoft Excel (CVE-2020-17126) - Medium [281]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.714MS Office product
CVSS Base Score0.510NVD Vulnerability Severity Rating is Medium

52. Information Disclosure - Microsoft SharePoint (CVE-2020-17120) - Medium [275]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.614SharePoint
CVSS Base Score0.610NVD Vulnerability Severity Rating is Medium

53. Spoofing - Azure DevOps Server (CVE-2020-17135) - Medium [224]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.414Azure Sphere
CVSS Base Score0.510NVD Vulnerability Severity Rating is Medium

54. Spoofing - Azure DevOps Server and Team Foundation Services (CVE-2020-17145) - Medium [224]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.414Azure Sphere
CVSS Base Score0.510NVD Vulnerability Severity Rating is Medium

Low (4)

55. Information Disclosure - Microsoft Dynamics Business Central/NAV (CVE-2020-17133) - Low [181]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Information Disclosure
Vulnerable Product is Common0.114Other less common product
CVSS Base Score0.610NVD Vulnerability Severity Rating is Medium

56. Spoofing - Microsoft Edge for Android (CVE-2020-17153) - Low [181]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Spoofing
Vulnerable Product is Common0.114Other less common product
CVSS Base Score0.610NVD Vulnerability Severity Rating is Medium

57. Cross Site Scripting - Dynamics CRM Webclient (CVE-2020-17147) - Low [167]
componentvalueweightcomment
Exploited in the Wild018Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites
Public Exploit Exists017Public exploit is NOT found at Vulners website
Criticality of Vulnerability Type0.415Cross Site Scripting
Vulnerable Product is Common0.114Other less common product
CVSS Base Score0.510NVD Vulnerability Severity Rating is Medium

Exploitation in the wild detected (1)

Remote Code Execution (1)

Public exploit exists, but exploitation in the wild is NOT detected (0)

Other Vulnerabilities (56)

Remote Code Execution (21)

Security Feature Bypass (6)

Elevation of Privilege (14)

Information Disclosure (9)

Memory Corruption (1)

Spoofing (4)

Cross Site Scripting (1)