.NET Framework Remote Code Execution Vulnerability for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 for x64 (KB4532938)

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

93.865%

CVE Information

Source CVE
CVE-2020-0646

Associated CVE
CVE-2020-0646
CVE-2020-0605
CVE-2020-0606

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
28222

Patch Description
2020-01 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 1909 for x64 (KB4532938)

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0605
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0646
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0646
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0605