8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.843 High
EPSS
Percentile
98.4%
07/14/2020
Critical
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft .NET Framework 3.0 Service Pack 2
Azure Storage Explorer
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.8
Microsoft .NET Framework 3.5.1
Microsoft SharePoint Server 2019
Microsoft .NET Framework 3.5
Azure DevOps Server 2019.0.1
Microsoft Visual Studio Code ESLint extension
Microsoft Visual Studio 2019 version 16.0
Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2
Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2
Microsoft SharePoint Enterprise Server 2016
Azure DevOps Server 2019 Update 1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
Microsoft .NET Framework 3.5 AND 4.7.2
.NET Core 2.1
Visual Studio Code
Microsoft .NET Framework 4.5.2
TypeScript
Microsoft Visual Studio 2019 version 16.6 (includes 16.0 - 16.5)
Azure DevOps Server 2019 Update 1.1
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 3.5 AND 4.8
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft Visual Studio 2015 Update 3
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
.NET Core 3.1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2020-1393
CVE-2020-1147
CVE-2020-1326
CVE-2020-1416
CVE-2020-1481
ACE
CVE-2020-13934.6Warning
CVE-2020-11476.8High
CVE-2020-13263.5Warning
CVE-2020-14169.3Critical
CVE-2020-14819.3Critical
4566468
4566469
4566466
4566467
4567703
4579980
4578974
4578972
4578971
4579977
4579978
4579979
4578968
4578969
4580328
4579976
4580330
4580327
4580346
4578963
support.microsoft.com/kb/4566466
support.microsoft.com/kb/4566467
support.microsoft.com/kb/4566468
support.microsoft.com/kb/4566469
support.microsoft.com/kb/4567703
support.microsoft.com/kb/4578963
support.microsoft.com/kb/4578968
support.microsoft.com/kb/4578969
support.microsoft.com/kb/4578971
support.microsoft.com/kb/4578972
support.microsoft.com/kb/4578974
support.microsoft.com/kb/4579976
support.microsoft.com/kb/4579977
support.microsoft.com/kb/4579978
support.microsoft.com/kb/4579979
support.microsoft.com/kb/4579980
support.microsoft.com/kb/4580327
support.microsoft.com/kb/4580328
support.microsoft.com/kb/4580330
support.microsoft.com/kb/4580346
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1147
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1326
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1393
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1481
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1147
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1326
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1393
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1416
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1481
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Azure/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.843 High
EPSS
Percentile
98.4%