Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2020-0650
HistoryJan 14, 2020 - 11:15 p.m.

CVE-2020-0650

2020-01-1423:15:33
microsoft
web.nvd.nist.gov
173
cve-2020-0650
microsoft excel
remote code execution
vulnerability
nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka ‘Microsoft Excel Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653.

Affected configurations

Nvd
Vulners
Node
microsoftexcelMatch2010sp2
OR
microsoftexcelMatch2013sp1
OR
microsoftexcelMatch2013sp1rt
OR
microsoftexcelMatch2016
OR
microsoftexcelMatch2016macos
OR
microsoftexcelMatch2019
OR
microsoftexcelMatch2019macos
OR
microsoftoffice_365_proplusMatch-
VendorProductVersionCPE
microsoftexcel2010cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
microsoftexcel2013cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*
microsoftexcel2013cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*
microsoftexcel2016cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
microsoftexcel2016cpe:2.3:a:microsoft:excel:2016:*:*:*:*:macos:*:*
microsoftexcel2019cpe:2.3:a:microsoft:excel:2019:*:*:*:*:*:*:*
microsoftexcel2019cpe:2.3:a:microsoft:excel:2019:*:*:*:*:macos:*:*
microsoftoffice_365_proplus-cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Microsoft Office",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2019 for 32-bit editions"
      },
      {
        "status": "affected",
        "version": "2019 for 64-bit editions"
      },
      {
        "status": "affected",
        "version": "2019 for Mac"
      },
      {
        "status": "affected",
        "version": "2016 for Mac"
      }
    ]
  },
  {
    "product": "Office 365 ProPlus",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "32-bit Systems"
      },
      {
        "status": "affected",
        "version": "64-bit Systems"
      }
    ]
  },
  {
    "product": "Microsoft Excel",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2016 (32-bit edition)"
      },
      {
        "status": "affected",
        "version": "2016 (64-bit edition)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 RT Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (64-bit editions)"
      }
    ]
  }
]

Related

cvelist 3
nvd 3
prion 3
cve 2
mskb 3
openvas 5
nessus 3
symantec 3
mscve 3
kaspersky 1
talosblog 1
cvelist
cvelist
CVE-2020-0653
2020-01-14 23:11:40
CVE-2020-0651
2020-01-14 23:11:39
CVE-2020-0650
2020-01-14 23:11:39
nvd
nvd
CVE-2020-0650
2020-01-14 23:15:33
CVE-2020-0653
2020-01-14 23:15:33
CVE-2020-0651
2020-01-14 23:15:33
prion
prion
Remote code execution
2020-01-14 23:15:00
Remote code execution
2020-01-14 23:15:00
Remote code execution
2020-01-14 23:15:00
cve
cve
CVE-2020-0653
2020-01-14 23:15:33
CVE-2020-0651
2020-01-14 23:15:33
mskb
mskb
Description of the security update for Excel 2016: January 14, 2020
2020-01-14 08:00:00
Description of the security update for Excel 2010: January 14, 2020
2020-01-14 08:00:00
Description of the security update for Excel 2013: January 14, 2020
2020-01-14 08:00:00
openvas
openvas
Microsoft Office Multiple Vulnerabilities (Jan 2020) - Mac OS X
2020-01-15 00:00:00
Microsoft Excel 2010 Service Pack 2 Remote Code Execution Vulnerabilities (KB4484243)
2020-01-15 00:00:00
Microsoft Excel 2016 Remote Code Execution Vulnerabilities (KB4484217)
2020-01-15 00:00:00
nessus
nessus
Security Updates for Microsoft Excel Products (January 2020)
2020-01-14 00:00:00
Security Updates for Microsoft Excel Products C2R (January 2020)
2022-06-10 00:00:00
Security Updates for Microsoft Office Products (January 2020) (macOS)
2020-01-15 00:00:00
symantec
symantec
Microsoft Excel CVE-2020-0650 Remote Code Execution Vulnerability
2020-01-14 00:00:00
Microsoft Excel CVE-2020-0653 Remote Code Execution Vulnerability
2020-01-14 00:00:00
Microsoft Excel CVE-2020-0651 Remote Code Execution Vulnerability
2020-01-14 00:00:00
mscve
mscve
Microsoft Excel Remote Code Execution Vulnerability
2020-01-14 08:00:00
Microsoft Excel Remote Code Execution Vulnerability
2020-01-14 08:00:00
Microsoft Excel Remote Code Execution Vulnerability
2020-01-14 08:00:00
kaspersky
kaspersky
KLA11633 Multiple vulnerabilities in Microsoft Office
2020-01-14 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
2020-01-17 10:14:27

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON
Related for CVE-2020-0650
cvelist3nvd3prion3cve2mskb3openvas5nessus3symantec3mscve3kaspersky1talosblog1