CVE-2020-1022

🗓️ 15 Apr 2020 15:13:28Reported by microsoftType

Microsoft Dynamics Business Central Remote Code Execution Vulnerabilit

Reporter	Title	Published	Views	Family All 20
Information Security Automation	Microsoft Patch Tuesday April 2020: my classification script, confusing RCE in Adobe Type Manager and updates for older vulnerabilities	26 Apr 202001:24	–	avleonov
BDU FSTEC	The vulnerability of the Microsoft Dynamics 365 resource planning software and the integrated enterprise management system Microsoft Dynamics NAV lies in the improper elimination of certain elements in the output data used by the incoming component, allowing an attacker to execute arbitrary code.	19 May 202000:00	–	bdu_fstec
Cvelist	CVE-2020-1022	15 Apr 202015:13	–	cvelist
Microsoft KB	Cumulative Update 54 for Microsoft Dynamics NAV 2016 (Build 51811)	14 Apr 202007:00	–	mskb
Microsoft KB	Cumulative Update 41 for Microsoft Dynamics NAV 2017 (Build 30219)	14 Apr 202007:00	–	mskb
Microsoft KB	Cumulative Update 28 for Microsoft Dynamics NAV 2018 (Build 41920)	14 Apr 202007:00	–	mskb
Microsoft KB	Cumulative Update 18 for Microsoft Dynamics 365 Business Central October'18 on-premises (Application Build 41909, Platform Build 41879)	14 Apr 202007:00	–	mskb
Microsoft KB	Cumulative Update 11 for Microsoft Dynamics 365 Business Central April'19 on-premises (Application Build 14.12.41935, Platform Build 14.0.41862)	14 Apr 202007:00	–	mskb
Microsoft KB	Update 15.5 for Microsoft Dynamics 365 Business Central 2019 Release Wave 2 (Application Build 15.5.41926, Platform Build 15.0.41893)	14 Apr 202007:00	–	mskb
Microsoft KB	Description of the security update for Microsoft Dynamics NAV 2013 R2: April 14, 2020	14 Apr 202007:00	–	mskb

NVD

Node

microsoft dynamics_365_business_centralMatch-

microsoft dynamics_365_business_centralMatch2019release_wave_2

microsoft dynamics_365_business_centralMatch2019spring_update

microsoft dynamics_navMatch2013

microsoft dynamics_navMatch2015

microsoft dynamics_navMatch2016

microsoft dynamics_navMatch2017

microsoft dynamics_navMatch2018

[
  {
    "product": "Microsoft Dynamics NAV 2015",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Microsoft Dynamics 365 BC On Premise",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Microsoft Dynamics NAV 2018",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Microsoft Dynamics NAV 2013",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Microsoft Dynamics NAV 2016",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Microsoft Dynamics NAV 2017",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Dynamics 365 Business Central 2019 Spring Update",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  }
]

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1022

17 Jun 2026 03:00Current

8High risk

Vulners AI Score8

CVSS 26

CVSS 3.18

EPSS0.06831