VDB
CVE-2020-1349
CVE-2020-1349
PUBLISHED
CVSS 7.800000190734863 HIGH
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'.
EPSS 25.97% · 96.4th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
25.97%
96.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | office | 2019 |
| microsoft | 365_apps | |
| Microsoft | Microsoft 365 Apps for Enterprise for 64-bit Systems | * |
| microsoft | outlook | 2010, 2016, 2013 |
| Microsoft | Microsoft 365 Apps for Enterprise for 32-bit Systems | unspecified |
| Microsoft | Microsoft Office | *, 2019 for 64-bit editions |
| Microsoft | Microsoft Outlook | 2010 Service Pack 2 (64-bit editions), *, 2013 Service Pack 1 (64-bit editions) |
Exploit Intelligence
- 0neb1n/CVE-2020-1349 (github-poc)
- 0neb1n/CVE-2020-1349 (github-poc)
- 0neb1n/CVE-2020-1349 (github-poc)
- 0neb1n/CVE-2020-1349 (github-poc)
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1349 (circl)
- http://packetstormsecurity.com/files/169959/Microsoft-Outlook-2019-16.0.12624.20424-Remote-Code-Execution.html (circl)
Timeline
- Jul 14, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Nov 22, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 25, 2023 EPSS Score
- May 8, 2023 EPSS Score
- Jul 18, 2023 EPSS Score
- Aug 17, 2023 EPSS Score
- Aug 31, 2023 EPSS Score
- Oct 16, 2023 EPSS Score
- Oct 31, 2023 EPSS Score
References
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1349 url
- http://packetstormsecurity.com/files/169959/Microsoft-Outlook-2019-16.0.12624.20424-Remote-Code-Execution.html url
- https://nvd.nist.gov/vuln/detail/CVE-2020-1349 advisory