CVE-2020-0760

Published Apr 15, 2020

Last updated 3 months ago

CVSS high 8.8

Overview

Description: A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:access:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7122C5BF-C7C8-4B20-AACF-03F0ED83A7A4"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:access:2013:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E995599-F698-4E73-9401-4CA47FADFCBE"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:access:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E42DC73-F1D0-47CD-BED8-DB2C6E044E2D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E36D981E-E56D-46C7-9486-FC691A75C497"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A062169-527E-43DA-8AE0-FD4FBA1B2A9B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09BF0981-749E-470B-A7AC-95AD087797EF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "552E1557-D6FA-45DD-9B52-E13ACDBB8A62"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7DDFFB8-2337-4DD7-8120-56CC8EF134B4"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5282C83-86B8-442D-851D-B54E88E8B1F1"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA035812-F35A-43F1-9A8D-EE02201AA10A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9A115C1-45EB-4688-AD7C-C1854850EE9B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D513A61-6427-4F85-AADF-99D6F223AF2B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:rt:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDA98A76-D0D1-4BFA-BEAC-1C2313F7B859"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2B1657C-0FF4-461A-BE2A-641275C4B0A0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CCB2D72-B779-4772-8F72-7177E3F47A92"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7F40F5A-E53D-430A-B3CA-8836288FE47E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:rt:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36A1FA52-BFBD-4C88-9CBE-B68E55C75726"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C971A8FC-3897-496D-BB9A-9E6C8A03AEA1"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:project:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39EA4DCC-AA3F-4E3B-8754-BF79B2FD8657"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:project:2013:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33E26FF2-B80D-4C64-B9D5-ED0DE4BF3B1F"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:project:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AA3A3C2-DB00-4095-B445-5A5041EB3194"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:publisher:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78E9611F-1DE1-4FB2-9C70-16602FFC73C7"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:publisher:2013:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB39B6EE-BC01-4D21-A3D8-CDDA268C55FF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB3AA120-CE06-40A3-ADC4-C42077509287"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED0408B6-4FB5-45E9-AD27-301FC383152D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24EEDAD9-9656-4B21-82E4-D60B83777492"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7A48E44-F01A-40AD-B8AF-8FE368248003"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:rt:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45E21528-4B0F-4A6F-82AD-DF7FDBF67C8F"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DA042D4-B14E-4DDF-8423-DFB255679EFE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References