Lucene search
MicrosoftCVE-2020-1243HistoryOct 16, 2020 - 11:15 p.m.
CVE-2020-1243
2020-10-1623:15:17
microsoft
web.nvd.nist.gov
120
cve-2020-1243
microsoft
hyper-v
denial of service
vulnerability
guest operating system
nvd
security update
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
9.5%
<p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p>
<p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.</p>
<p>The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.</p>
Affected configurations
Node
microsoftwindows_10Match1607x64
ORmicrosoftwindows_10Match1709x64
ORmicrosoftwindows_10Match1803x64
ORmicrosoftwindows_10Match1809x64
ORmicrosoftwindows_10Match1903x64
ORmicrosoftwindows_10Match2004x64
ORmicrosoftwindows_server_2016Match-
ORmicrosoftwindows_server_2016Match1903
ORmicrosoftwindows_server_2016Match1909
ORmicrosoftwindows_server_2016Match2004
ORmicrosoftwindows_server_2019Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10 | 1607 | cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:* |
| microsoft | windows_10 | 1709 | cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:* |
| microsoft | windows_10 | 1803 | cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:* |
| microsoft | windows_10 | 1809 | cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:* |
| microsoft | windows_10 | 1903 | cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x64:* |
| microsoft | windows_10 | 2004 | cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:* |
| microsoft | windows_server_2016 | - | cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1903 | cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 1909 | cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | 2004 | cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1803",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1809",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1909",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server, version 1909 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1709",
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1903 for x64-based Systems",
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server, version 1903 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 2004",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server version 2004",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1607",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2020-10-16 23:15:00
mscve
mscve
Windows Hyper-V Denial of Service Vulnerability
2020-10-13 07:00:00
nvd
nvd
CVE-2020-1243
2020-10-16 23:15:17
cvelist
cvelist
CVE-2020-1243 Windows Hyper-V Denial of Service Vulnerability
2020-10-16 22:18:14
nessus
nessus
mskb
mskb
October 13, 2020âKB4580346 (OS Build 14393.3986) - EXPIRED
2020-10-13 07:00:00
October 13, 2020âKB4580328 (OS Build 16299.2166)
2020-10-13 07:00:00
October 13, 2020âKB4577668 (OS Build 17763.1518) - EXPIRED
2020-10-13 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4580346)
2020-10-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4580330)
2020-10-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4580328)
2020-10-14 00:00:00
kaspersky
kaspersky
KLA11977 Multiple vulnerabilities in Microsoft Windows
2020-10-13 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
9.5%
Related for CVE-2020-1243