CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-1040

Known Exploited (CISA KEV)CRITICAL
9.0
CVSS Severity Score
EPSS Score28.2220%
EPSS Percentile90.33th
Published2020年7月14日
Last Modified2025年10月29日

Vulnerability Description

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1041, CVE-2020-1042, CVE-2020-1043.

Affected Platforms (CPE)

💻
Microsoft

Windows Server 2008

= r2
💻
Microsoft

Windows Server 2012

All versions
💻
Microsoft

Windows Server 2012

= r2
💻
Microsoft

Windows Server 2016

All versions

References & Advisories

🔗 https://nvidia.custhelp.com/app/answers/detail/a_id/5044
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1040
🔗 https://nvidia.custhelp.com/app/answers/detail/a_id/5044
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1040
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1040

相關漏洞威脅

CVE-2009-121610.0

Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windo...

CVE-2008-300910.0

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do no...

CVE-2008-403810.0

Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allow...

CVE-2009-008610.0

Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, V...