CVE-2020-0890

MEDIUM

Windows 10 and Windows Server 2016/2019 - Denial of Service via Malicious Guest Data

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-0890. PoCs published by gerhart01, skasanagottu57gmailv.

AI-analyzed exploit summary This is a working proof-of-concept for a local denial-of-service (DoS) vulnerability in Hyper-V (CVE-2020-0890). The exploit leverages nested virtualization to trigger a BSOD on the host system by manipulating Hyper-V's enlightened VMCS and VP assist page structures.

Description

<p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.</p> <p>The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.</p>

Exploits (2)

nomisec WORKING POC 37 stars
by gerhart01 · poc
https://github.com/gerhart01/hyperv_local_dos_poc

This is a working proof-of-concept for a local denial-of-service (DoS) vulnerability in Hyper-V (CVE-2020-0890). The exploit leverages nested virtualization to trigger a BSOD on the host system by manipulating Hyper-V's enlightened VMCS and VP assist page structures.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Hyper-V (Windows Server 2019, Windows 10 with latest patches, and Windows 10 insider preview build 10.0.20206.1000 and earlier)
Auth required
Prerequisites: Nested virtualization must be enabled on the guest VM · Attacker must have administrative privileges to load a driver in the guest OS
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →
nomisec WRITEUP
by skasanagottu57gmailv · poc
https://github.com/skasanagottu57gmailv/gerhart01

This repository contains a README file describing a proof-of-concept for CVE-2020-0890, a Windows Hyper-V Denial of Service vulnerability. No actual exploit code is present in the provided files.

Classification
Writeup 50%
Attack Type
Dos
Complexity
Theoretical
Reliability
Theoretical
Target: Windows Hyper-V
No auth needed
Prerequisites: Access to a vulnerable Windows Hyper-V environment
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 6.5
EPSS 0.0284
EPSS Percentile 85.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

Status published
Products (9)
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_10 1903
microsoft/windows_10 1909
microsoft/windows_10 2004
microsoft/windows_server_2016 1903
microsoft/windows_server_2016 1909
microsoft/windows_server_2016 2004
microsoft/windows_server_2019
Published Sep 11, 2020
Tracked Since Feb 18, 2026