HIGH🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2020-1147

CVSS 7.8v3.1pub. 2020-07-14upd. 2025-10-29

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Microsoft .net Core

    APP
    Microsoft
    2.13.1
  • Microsoft .net Framework

    APP
    Microsoft
    2.03.03.53.5.14.5.24.64.6.14.6.24.74.7.14.7.24.8
  • Microsoft Sharepoint Enterprise Server

    APP
    Microsoft
    20132016
  • Microsoft SharePoint Server

    APP
    Microsoft
    20102019
  • Microsoft Visual Studio 2017

    APP
    Microsoft
    15.0 – 15.9
  • Microsoft Visual Studio 2019

    APP
    Microsoft
    16.0 – 16.6
  • Microsoft Windows 10

    OS
    Microsoft
    1607170918031809190319092004
  • Microsoft Windows 7

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows 8.1

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Rt 8.1

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Server 2008

    OS
    Microsoft
    r2
  • Microsoft Windows Server 2012

    OS
    Microsoft
    r2
  • Microsoft Windows Server 2016

    OS
    Microsoft
    1803190319092004
  • Microsoft Windows Server 2019

    OS
    Microsoft
    wszystkie wersje

CISA KEV — detailsi

Vendori
Microsoft
Producti
.NET Framework, SharePoint, Visual Studio
Added to KEVi
November 3, 2021
Remediation deadline (US Federal)i
May 3, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML content.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 3 maja 2022
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2026-20963CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE w Windows Server Update Service (WSUS) — deserializacja danych

CVE-2025-53770CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE przez deserialization w Microsoft SharePoint Server (on-premises)

CVE-2023-29357CRITICAL9.8⚠ KEVten sam produkt

Microsoft SharePoint Server Elevation of Privilege Vulnerability

CVE-2020-1350CRITICAL10.0⚠ KEVten sam produkt

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...