CVE-2020-0605

2020-01-1400:00:00

attackerkb.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka ‘.NET Framework Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0606.

Recent assessments:

zeroSteiner at May 20, 2020 1:02pm UTC reported:

A vulnerability exists in how Microsoft’s XPS documents are processed using .NET that can be leveraged to execute code using a deserialization attack. XPS files are effectively ZIP archives containing multiple member, of which ones .fdoc, and .fpage can be used as triggers. While this vulnerability was patched in May of 2020, it’s related to a similar vulnerability patched in January of 2020, which patched the same usage of the XPS document’s .fdseq member file types.

The default XPS viewer in Windows does not use .NET to render the XPS document making it unaffected by this vulnerability. A vulnerable application would need to be configured to process a maliciously crafted XPS document. Due to this, it is unclear if in practice this vulnerability will require user interaction or authentication to leverage.

See: <https://www.mdsec.co.uk/2020/05/analysis-of-cve-2020-0605-code-execution-using-xps-files-in-net/>

Assessed Attacker Value: 2
Assessed Attacker Value: 2Assessed Attacker Value: 3