CVE-2020-1147

HIGH KEV

Microsoft .net Core < 15.9 - Remote Code Execution

Title source: rule

Description

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

Exploits (3)

exploitdb WORKING POC
by Podalirius · python · webapps · aspx
https://www.exploit-db.com/exploits/50151
exploitdb WORKING POC
by West Shepherd · python · webapps · aspx
https://www.exploit-db.com/exploits/48747
metasploit WORKING POC EXCELLENT
by Steven Seeley, Soroush Dalili, Spencer McIntyre · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/sharepoint_data_deserialization.rb

Scores

CVSS v3 7.8
EPSS 0.9343
EPSS Percentile 99.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2022-3898
Status published
Products (32)
microsoft/.net_core 2.1
microsoft/.net_core 3.1
microsoft/.net_framework 2.0 sp2
microsoft/.net_framework 3.0 sp2
microsoft/.net_framework 3.5
microsoft/.net_framework 4.6.2
microsoft/.net_framework 4.7
microsoft/.net_framework 4.7.1
microsoft/.net_framework 4.7.2
microsoft/.net_framework 4.6
... and 22 more
Published Jul 14, 2020
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026