VDB
CVE-2020-0906
CVE-2020-0906
PUBLISHED
CVSS 8.800000190734863 HIGH
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0979.
EPSS 32.91% · 97.0th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
32.91%
97.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | office | 2013, 2013, 2016 |
| microsoft | excel | 2016, 2013, 2013 |
| microsoft | office_365_proplus | |
| Microsoft | Microsoft Office | *, 2019 for 32-bit editions, 2019 for 64-bit editions |
| Microsoft | Office 365 ProPlus | 64-bit Systems, 32-bit Systems |
| Microsoft | Microsoft Excel | 2013 Service Pack 1 (32-bit editions), 2013 RT Service Pack 1, 2010 Service Pack 2 (32-bit editions) |
Exploit Intelligence
Timeline
- Apr 15, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 8, 2023 EPSS Score
- Mar 11, 2023 EPSS Score