CVE-2020-0847

EUVD-2020-2318
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4540693
1607 (x64, x86)
KB4540670
1709 (arm64, x64, x86)
KB4540681
1803 (arm64, x64, x86)
KB4540689
1809 (arm64, x64, x86)
KB4538461
1903 (arm64, x64, x86)
KB4540673
1909 (arm64, x64, x86)
KB4540673
Windows 7
Service Pack 1 (x64, x86)
KB4540671
Service Pack 1 (x64, x86)
KB4540688
Windows 8.1
(x64, x86)
KB4540671
(x64, x86)
KB4541509
Windows RT 8.1
All
KB4541509
Windows Server 2008
Service Pack 2 (x64, x86)
KB4541506
Service Pack 2 (x64, x86)
KB4540671
Windows Server 2008 R2
Service Pack 1 (x64)
KB4540671
Service Pack 1 (x64)
KB4540688
Windows Server 2012
Standard
KB4540671
Standard
KB4541510
Windows Server 2012 R2
Standard
KB4540671
Standard
KB4541509
Windows Server 2016
Standard
KB4540670
Windows Server 2019
Standard
KB4538461
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0847
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0847