Remote Code Execution Vulnerability in Microsoft SQL Server Reporting Services
CVE-2020-0618
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 11 February 2020
Badges
Summary
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services due to improper handling of requests. When an attacker sends crafted requests to the affected service, it could allow the execution of arbitrary code within the context of the application. Exploitation of this vulnerability may enable attackers to take control of the affected system, potentially leading to unauthorized access to sensitive data and other critical operations. It is essential for users to implement security updates and apply the latest patches provided by Microsoft to mitigate this risk.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Microsoft SQL Server 2012 for 32-bit Systems Service Pack 4 (QFE)
Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (CU)
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
97% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🦅
CISA Reported
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved