VDB
CVE-2020-1448
CVE-2020-1448
PUBLISHED
CVSS 8.800000190734863 HIGH
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.
EPSS 36.74% · 97.2th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
36.74%
97.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft SharePoint Enterprise Server | 2016 |
| microsoft | word | 2016, 2013 |
| microsoft | office | 2019 |
| Microsoft | Microsoft Word | *, *, 2016 (32-bit edition) |
| Microsoft | Microsoft SharePoint Server | 2019 |
| Microsoft | Microsoft Office Online Server | unspecified |
| microsoft | word_rt | 2013 |
| microsoft | sharepoint_server | 2019 |
| microsoft | sharepoint_enterprise_server | 2016 |
| microsoft | office_online_server | 1.0 |
| microsoft | office_web_apps | 2013 |
| Microsoft | Microsoft Office | *, 2019 for 64-bit editions |
| Microsoft | Microsoft Office Web Apps | 2013 Service Pack 1 |
Exploit Intelligence
Timeline
- Jul 14, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Mar 30, 2023 EPSS Score
- Aug 17, 2023 EPSS Score
- Aug 31, 2023 EPSS Score
- Dec 2, 2023 EPSS Score
- Aug 4, 2024 CVE Updated
- Dec 17, 2024 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 19, 2025 EPSS Score