The vulnerability of the relational database management system used by Microsoft Access programs within the Microsoft Office and Office 365 suites allows a perpetrator to execute arbitrary code.

🗓️ 02 Sep 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Access relational database in Office suites has remote arbitrary code execution due to in memory object processing errors.

Reporter	Title	Published	Views	Family All 19
Information Security Automation	Microsoft Patch Tuesday August 2020: vulnerabilities with Detected Exploitation, useful for phishing and others	30 Aug 202022:13	–	avleonov
CVE	CVE-2020-1582	17 Aug 202019:13	–	cve
Cvelist	CVE-2020-1582 Microsoft Access Remote Code Execution Vulnerability	17 Aug 202019:13	–	cvelist
EUVD	EUVD-2020-12455	17 Aug 202019:13	–	euvd
Microsoft KB	Description of the security update for Access 2016: August 11, 2020	11 Aug 202007:00	–	mskb
Microsoft KB	Description of the security update for Access 2013: August 11, 2020	11 Aug 202007:00	–	mskb
Microsoft KB	Description of the security update for Access 2010: August 11, 2020	11 Aug 202007:00	–	mskb
Kaspersky	KLA11932 Multiple vulnerabilities in Microsoft Office	11 Aug 202000:00	–	kaspersky
Microsoft CVE	Microsoft Access Remote Code Execution Vulnerability	11 Aug 202007:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Office products	11 Aug 202000:00	–	ncsc

Vulners

Node

microsoft accessMatch2016

OR

microsoft accessMatch2019

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1582
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2020081214
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-1582
web	www.web.nvd.nist.gov/view/vuln/detail

02 Sep 2020 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS 38.8

CVSS 210

EPSS0.11602

Access database vulnerability Office suites Remote code execution Memory object processing Object processing errors