.NET Framework Remote Code Execution Vulnerability for .NET Framework 4.8 for Windows 7 and Server 2008 R2 for x64 (KB4532952)

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

93.865%

CVE Information

Source CVE
CVE-2020-0646

Associated CVE
CVE-2020-0646
CVE-2020-0605
CVE-2020-0606

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
28186

Patch Description
KB4534976, 2020-01 Security Only Update for .NET Framework 4.8 for Windows 7 and Server 2008 R2 for x64 (KB4532952)

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0605
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0646
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0646
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0605