CVE-2020-1449
7.8HIGH
Summary
A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.
Affected Version(s)
Microsoft 365 Apps for Enterprise for 32-bit Systems = unspecified
Microsoft 365 Apps for Enterprise for 64-bit Systems = unspecified
Microsoft Office 2019 for 32-bit editions
References
EPSS Score
2% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database