Description
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1041, CVE-2020-1042, CVE-2020-1043.
CVSS breakdown
CVSS 3.1
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Microsoft / Windows Server2016 β 2016
- Microsoft / Windows Server2016 (Core installation) β 2016 (Core installation)
- Microsoft / Windows Server2008 R2 for x64-based Systems Service Pack 1 β 2008 R2 for x64-based Systems Service Pack 1
- Microsoft / Windows Server2008 R2 for x64-based Systems Service Pack 1 (Core installation) β 2008 R2 for x64-based Systems Service Pack 1 (Core installation)
- Microsoft / Windows Server2012 β 2012
- Microsoft / Windows Server2012 (Core installation) β 2012 (Core installation)
- Microsoft / Windows Server2012 R2 β 2012 R2
- Microsoft / Windows Server2012 R2 (Core installation) β 2012 R2 (Core installation)