9.3

CVE-2020-1562

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.
To exploit the vulnerability, a user would have to open a specially crafted file.
The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.

Data is provided by the National Vulnerability Database (NVD)
MicrosoftWindows 10 Version- HwPlatformx64
MicrosoftWindows 10 Version- HwPlatformx86
MicrosoftWindows 10 Version1607 HwPlatformx64
MicrosoftWindows 10 Version1607 HwPlatformx86
MicrosoftWindows 10 Version1709
MicrosoftWindows 10 Version1803
MicrosoftWindows 10 Version1809
MicrosoftWindows 10 Version1903
MicrosoftWindows 10 Version1909
MicrosoftWindows 10 Version2004
MicrosoftWindows 7 Version- Updatesp1
MicrosoftWindows 8.1 Version-
MicrosoftWindows Rt 8.1 Version-
MicrosoftWindows Server 2008 Version- Updatesp2
MicrosoftWindows Server 2016 Version1903
MicrosoftWindows Server 2016 Version1909
MicrosoftWindows Server 2016 Version2004
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 14.5% 0.942
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C