Published: 09/06/2020 Updated: 15/06/2020

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user, aka 'Windows Shell Remote Code Execution Vulnerability'.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 1803
microsoft windows 10 1809
microsoft windows 10 1903
microsoft windows 10 1909
microsoft windows 10 2004
microsoft windows server 2016 1803
microsoft windows server 2016 1903
microsoft windows server 2016 1909
microsoft windows server 2016 2004
microsoft windows server 2019 -

June's Patch Tuesday reveals 23 ways to remotely pwn Windows – and over 100 more bugs that could ruin your day

The Register • Shaun Nichols in San Francisco • 09 Jun 2020

Microsoft, Intel, Adobe, SAP emit fixes in security synchronicity

Patch Tuesday Microsoft has given IT admins and folks another busy Patch Tuesday with 129 security vulnerabilities to address. The Redmond giant has posted fixes for CVE-listed bugs in its latest monthly security update, including 23 that allow for remote code execution. The massive bundle is not entirely unexpected, as security experts have suggested that vendors are still catching up on their patching and reporting routines. Of the 129 patches this month, 11 were rated by Microsoft as critical...

CVE-2020-1286

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect