VDB

CVE-2020-0906

CVE-2020-0906 PUBLISHED CVSS 8.800000190734863 HIGH

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0979.

EPSS 32.91% · 97.0th percentile

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
32.91%
97.0th percentile

Affected Products

VendorProductVersions
microsoftoffice2013, 2013, 2016
microsoftexcel2016, 2013, 2013
microsoftoffice_365_proplus
MicrosoftMicrosoft Office*, 2019 for 32-bit editions, 2019 for 64-bit editions
MicrosoftOffice 365 ProPlus64-bit Systems, 32-bit Systems
MicrosoftMicrosoft Excel2013 Service Pack 1 (32-bit editions), 2013 RT Service Pack 1, 2010 Service Pack 2 (32-bit editions)

Timeline

  • Apr 15, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 8, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›