CVE-2020-1042

Опубликовано: 14 июл. 2020

Источник: nvd

CVSS3: 9

CVSS2: 7.7

EPSS Низкий

Описание

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1040, CVE-2020-1041, CVE-2020-1043.

Ссылки

https://nvidia.custhelp.com/app/answers/detail/a_id/5044
Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1042
Patch
Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5044
Third Party Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1042
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00985

Низкий

9 Critical

CVSS3

7.7 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2020-1042

msrc

почти 5 лет назад

Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability

GHSA-8f34-ccvf-c6jf

github

около 3 лет назад

BDU:2020-03368

CVSS3: 8

fstec