cvelistv5 - cve-2020-16898

cve-2020-16898

Vulnerability from cvelistv5

Published

2020-10-16 22:17

Modified

2024-08-04 13:45

Severity ?

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Summary

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.

References

▼	URL	Tags
	secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898	Patch, Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Microsoft

Windows 10 Version 1803

Version: 10.0.0 < publication
 cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
 cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
 cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*

Microsoft	Windows 10 Version 1809	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10_1809:::::::x86:* cpe:2.3:o:microsoft:windows_10_1809:::::::x64:* cpe:2.3:o:microsoft:windows_10_1809:::::::arm64:*
Microsoft	Windows Server 2019	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_server_2019::::::::
Microsoft	Windows Server 2019 (Server Core installation)	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_server_2019::::::::
Microsoft	Windows 10 Version 1909	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10_1909:::::::x86:* cpe:2.3:o:microsoft:windows_10_1909:::::::x64:* cpe:2.3:o:microsoft:windows_10_1809:::::::x64:*
Microsoft	Windows Server, version 1909 (Server Core installation)	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_server_1909::::::::
Microsoft	Windows 10 Version 1709 for 32-bit Systems	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10:1709:::::::*
Microsoft	Windows 10 Version 1709	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10:1709:::::::*
Microsoft	Windows 10 Version 1903 for 32-bit Systems	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10:1903:::::::*
Microsoft	Windows 10 Version 1903 for x64-based Systems	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10:1903:::::::*
Microsoft	Windows 10 Version 1903 for ARM64-based Systems	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10:1903:::::::*
Microsoft	Windows Server, version 1903 (Server Core installation)	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_server_1903::::::::
Microsoft	Windows 10 Version 2004	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10_1809:::::::x64:*
Microsoft	Windows Server version 2004	Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_server_2004::::::::

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T13:45:34.539Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                  "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                  "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*",
               ],
               platforms: [
                  "32-bit Systems",
                  "x64-based Systems",
                  "ARM64-based Systems",
               ],
               product: "Windows 10 Version 1803",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                  "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
               ],
               platforms: [
                  "32-bit Systems",
                  "x64-based Systems",
                  "ARM64-based Systems",
               ],
               product: "Windows 10 Version 1809",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "x64-based Systems",
               ],
               product: "Windows Server 2019",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "x64-based Systems",
               ],
               product: "Windows Server 2019 (Server Core installation)",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                  "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                  "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
               ],
               platforms: [
                  "32-bit Systems",
                  "x64-based Systems",
                  "ARM64-based Systems",
               ],
               product: "Windows 10 Version 1909",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "x64-based Systems",
               ],
               product: "Windows Server, version 1909 (Server Core installation)",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "32-bit Systems",
               ],
               product: "Windows 10 Version 1709 for 32-bit Systems",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "x64-based Systems",
                  "ARM64-based Systems",
               ],
               product: "Windows 10 Version 1709",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "Unknown",
               ],
               product: "Windows 10 Version 1903 for 32-bit Systems",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "Unknown",
               ],
               product: "Windows 10 Version 1903 for x64-based Systems",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "Unknown",
               ],
               product: "Windows 10 Version 1903 for ARM64-based Systems",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "x64-based Systems",
               ],
               product: "Windows Server, version 1903 (Server Core installation)",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
               ],
               platforms: [
                  "32-bit Systems",
                  "ARM64-based Systems",
                  "x64-based Systems",
               ],
               product: "Windows 10 Version 2004",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*",
               ],
               platforms: [
                  "x64-based Systems",
               ],
               product: "Windows Server version 2004",
               vendor: "Microsoft",
               versions: [
                  {
                     lessThan: "publication",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-10-13T07:00:00+00:00",
         descriptions: [
            {
               lang: "en-US",
               value: "<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p>\n<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.</p>\n<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en-US",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Remote Code Execution",
                     lang: "en-US",
                     type: "Impact",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-31T19:20:07.571Z",
            orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            shortName: "microsoft",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
            },
         ],
         title: "Windows TCP/IP Remote Code Execution Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
      assignerShortName: "microsoft",
      cveId: "CVE-2020-16898",
      datePublished: "2020-10-16T22:17:40",
      dateReserved: "2020-08-04T00:00:00",
      dateUpdated: "2024-08-04T13:45:34.539Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2020-16898\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2020-10-16T23:15:13.633\",\"lastModified\":\"2024-11-21T05:07:20.910\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p>\\n<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.</p>\\n<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>\\n\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de ejecución de código remota cuando la pila TCP/IP de Windows maneja inapropiadamente los paquetes de ICMPv6 Router Advertisement, también se conoce como \\\"Windows TCP/IP Remote Code Execution Vulnerability\\\"\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.5,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83B14968-3985-43C3-ACE5-8307196EFAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CB85C75-4D35-480E-843D-60579EC75FCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B8F3DD2-A145-4AF1-8545-CC42892DA3D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9273B95-20ED-4547-B0A8-95AD15B30372\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAE74AF3-C559-4645-A6C0-25C3D647AAC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B921FDB-8E7D-427E-82BE-4432585080CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C253A63F-03AB-41CB-A03A-B2674DEA98AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B60D940-80C7-49F0-8F4E-3F99AC15FA82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"}]}]}],\"references\":[{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
   },
}

fkie_cve-2020-16898

Vulnerability from fkie_nvd

Published

2020-10-16 23:15

Modified

2024-11-21 05:07

Severity ?

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
microsoft	windows_10	1709
microsoft	windows_10	1803
microsoft	windows_10	1809
microsoft	windows_10	1903
microsoft	windows_10	1909
microsoft	windows_10	2004
microsoft	windows_server_2016	1903
microsoft	windows_server_2016	1909
microsoft	windows_server_2016	2004
microsoft	windows_server_2019	-

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                     matchCriteriaId: "83B14968-3985-43C3-ACE5-8307196EFAE3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CB85C75-4D35-480E-843D-60579EC75FCB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                     matchCriteriaId: "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9273B95-20ED-4547-B0A8-95AD15B30372",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAE74AF3-C559-4645-A6C0-25C3D647AAC8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B921FDB-8E7D-427E-82BE-4432585080CF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*",
                     matchCriteriaId: "C253A63F-03AB-41CB-A03A-B2674DEA98AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B60D940-80C7-49F0-8F4E-3F99AC15FA82",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p>\n<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.</p>\n<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>\n",
      },
      {
         lang: "es",
         value: "Se presenta una vulnerabilidad de ejecución de código remota cuando la pila TCP/IP de Windows maneja inapropiadamente los paquetes de ICMPv6 Router Advertisement, también se conoce como \"Windows TCP/IP Remote Code Execution Vulnerability\"",
      },
   ],
   id: "CVE-2020-16898",
   lastModified: "2024-11-21T05:07:20.910",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "secure@microsoft.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Secondary",
         },
      ],
   },
   published: "2020-10-16T23:15:13.633",
   references: [
      {
         source: "secure@microsoft.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
      },
   ],
   sourceIdentifier: "secure@microsoft.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

sca-2020-0005

Vulnerability from csaf_sick

Published

2020-10-29 11:00

Modified

2020-10-29 11:00

Summary

Package Analytics affected by Windows TCP/IP vulnerability

Notes

Microsoft disclosed a critical vulnerability in the way ICMPv6 Router Advertisement packets are handled on Windows 10 and Windows Server 2019. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.

All Package Analytics versions 4.0 to 4.1.2, which run on PCs containing the affected Windows OS, will be affected. However there are instances of PA running on older versions of Windows such as Windows 7, Windows Server 2012 R2, Windows Server 2016 R2 which do not appear in the list of affected OS for this issue.

General Security Measures

As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.

Vulnerability Classification

SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "summary",
            text: "Microsoft disclosed a critical vulnerability in the way ICMPv6 Router Advertisement packets are\nhandled on Windows 10 and Windows Server 2019. An attacker who successfully exploited this\nvulnerability could gain the ability to execute code on the target server or client.\nTo exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router\nAdvertisement packets to a remote Windows computer.\n",
         },
         {
            category: "details",
            text: "All Package Analytics versions 4.0 to 4.1.2, which run on PCs containing the affected Windows OS,\nwill be affected.\nHowever there are instances of PA running on older versions of Windows such as Windows 7,\nWindows Server 2012 R2, Windows Server 2016 R2 which do not appear in the list of affected OS for\nthis issue.",
         },
         {
            category: "general",
            text: "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
            title: "General Security Measures",
         },
         {
            category: "general",
            text: "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
            title: "Vulnerability Classification",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "psirt@sick.de",
         issuing_authority: "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
         name: "SICK PSIRT",
         namespace: "https://sick.com/psirt",
      },
      references: [
         {
            summary: "SICK PSIRT Security Advisories",
            url: "https://sick.com/psirt",
         },
         {
            summary: "SICK Operating Guidelines",
            url: "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF",
         },
         {
            summary: "ICS-CERT recommended practices on Industrial Security",
            url: "http://ics-cert.us-cert.gov/content/recommended-practices",
         },
         {
            summary: "CVSS v3.1 Calculator",
            url: "https://www.first.org/cvss/calculator/3.1",
         },
         {
            category: "self",
            summary: "The canonical URL.",
            url: "https://www.sick.com/.well-known/csaf/white/2020/sca-2020-0005.json",
         },
      ],
      title: "Package Analytics affected by Windows TCP/IP vulnerability",
      tracking: {
         current_release_date: "2020-10-29T11:00:00.000Z",
         generator: {
            date: "2023-02-09T14:42:29.970Z",
            engine: {
               name: "Secvisogram",
               version: "2.0.0",
            },
         },
         id: "SCA-2020-0005",
         initial_release_date: "2020-10-29T11:00:00.000Z",
         revision_history: [
            {
               date: "2020-10-29T11:00:00.000Z",
               number: "1",
               summary: "Initial Release",
            },
            {
               date: "2023-02-09T11:00:00.000Z",
               number: "2",
               summary: "Updated Advisory (only visual changes)",
            },
         ],
         status: "final",
         version: "2",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "4.0 up to 4.1.2",
                        product: {
                           name: "SICK Package Analytics 4.0 up to 4.1.2",
                           product_id: "CSAFPID-0001",
                           product_identification_helper: {
                              x_generic_uris: [
                                 {
                                    namespace: "SICK:Website",
                                    uri: "SICK:Website:https://www.sick.com/de/de/p/p600146",
                                 },
                              ],
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Package Analytics",
               },
            ],
            category: "vendor",
            name: "SICK AG",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2020-16898",
         notes: [
            {
               category: "description",
               text: "A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.",
               title: "CVE description",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               summary: "Microsoft Security Advisory",
               url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "This issue is addressed in the Microsoft update for CVE-2020-16898.",
               product_ids: [
                  "CSAFPID-0001",
               ],
               url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
            },
            {
               category: "mitigation",
               details: "If you find yourself in a situation where an update is not doable. Microsoft advises the following workarounds:\n\n<br />\n\n**Disable ICMPv6 RDNSS**: \n\nThe following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place:\n\nYou can check your \\*INTERFACENUMBER\\* by running this command in a cmd:\n\n```cmd\nroute print\n```\n\nYou can disable ICMPv6 RDNSS, to prevent attackers from exploiting the vulnerability, with the PowerShell command below. This workaround is only available for Windows 1709 and above. See What's new in Windows Server 1709 for more information.\n\n```powershell\nnetsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=disable\n```\n**Note:** No reboot is needed after making the change.\n\n<br />\n\nYou can disable the workaround with the PowerShell command below.\n\n```powershell\nnetsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=enable\n```\n**Note:** No reboot is needed after disabling the workaround.\n\n<br />\n\nPackage Analytics has been verified to function without any issue and is compatible with the prescribed Microsoft update. No additional PA patches are necessary.",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitCodeMaturity: "PROOF_OF_CONCEPT",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  remediationLevel: "OFFICIAL_FIX",
                  reportConfidence: "CONFIRMED",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
   ],
}

SCA-2020-0005

Vulnerability from csaf_sick

Published

2020-10-29 11:00

Modified

2020-10-29 11:00

Summary

Package Analytics affected by Windows TCP/IP vulnerability

Notes

General Security Measures

Vulnerability Classification

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "summary",
            text: "Microsoft disclosed a critical vulnerability in the way ICMPv6 Router Advertisement packets are\nhandled on Windows 10 and Windows Server 2019. An attacker who successfully exploited this\nvulnerability could gain the ability to execute code on the target server or client.\nTo exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router\nAdvertisement packets to a remote Windows computer.\n",
         },
         {
            category: "details",
            text: "All Package Analytics versions 4.0 to 4.1.2, which run on PCs containing the affected Windows OS,\nwill be affected.\nHowever there are instances of PA running on older versions of Windows such as Windows 7,\nWindows Server 2012 R2, Windows Server 2016 R2 which do not appear in the list of affected OS for\nthis issue.",
         },
         {
            category: "general",
            text: "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
            title: "General Security Measures",
         },
         {
            category: "general",
            text: "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
            title: "Vulnerability Classification",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "psirt@sick.de",
         issuing_authority: "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
         name: "SICK PSIRT",
         namespace: "https://sick.com/psirt",
      },
      references: [
         {
            summary: "SICK PSIRT Security Advisories",
            url: "https://sick.com/psirt",
         },
         {
            summary: "SICK Operating Guidelines",
            url: "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF",
         },
         {
            summary: "ICS-CERT recommended practices on Industrial Security",
            url: "http://ics-cert.us-cert.gov/content/recommended-practices",
         },
         {
            summary: "CVSS v3.1 Calculator",
            url: "https://www.first.org/cvss/calculator/3.1",
         },
         {
            category: "self",
            summary: "The canonical URL.",
            url: "https://www.sick.com/.well-known/csaf/white/2020/sca-2020-0005.json",
         },
      ],
      title: "Package Analytics affected by Windows TCP/IP vulnerability",
      tracking: {
         current_release_date: "2020-10-29T11:00:00.000Z",
         generator: {
            date: "2023-02-09T14:42:29.970Z",
            engine: {
               name: "Secvisogram",
               version: "2.0.0",
            },
         },
         id: "SCA-2020-0005",
         initial_release_date: "2020-10-29T11:00:00.000Z",
         revision_history: [
            {
               date: "2020-10-29T11:00:00.000Z",
               number: "1",
               summary: "Initial Release",
            },
            {
               date: "2023-02-09T11:00:00.000Z",
               number: "2",
               summary: "Updated Advisory (only visual changes)",
            },
         ],
         status: "final",
         version: "2",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "4.0 up to 4.1.2",
                        product: {
                           name: "SICK Package Analytics 4.0 up to 4.1.2",
                           product_id: "CSAFPID-0001",
                           product_identification_helper: {
                              x_generic_uris: [
                                 {
                                    namespace: "SICK:Website",
                                    uri: "SICK:Website:https://www.sick.com/de/de/p/p600146",
                                 },
                              ],
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Package Analytics",
               },
            ],
            category: "vendor",
            name: "SICK AG",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2020-16898",
         notes: [
            {
               category: "description",
               text: "A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.",
               title: "CVE description",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               summary: "Microsoft Security Advisory",
               url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "This issue is addressed in the Microsoft update for CVE-2020-16898.",
               product_ids: [
                  "CSAFPID-0001",
               ],
               url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
            },
            {
               category: "mitigation",
               details: "If you find yourself in a situation where an update is not doable. Microsoft advises the following workarounds:\n\n<br />\n\n**Disable ICMPv6 RDNSS**: \n\nThe following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place:\n\nYou can check your \\*INTERFACENUMBER\\* by running this command in a cmd:\n\n```cmd\nroute print\n```\n\nYou can disable ICMPv6 RDNSS, to prevent attackers from exploiting the vulnerability, with the PowerShell command below. This workaround is only available for Windows 1709 and above. See What's new in Windows Server 1709 for more information.\n\n```powershell\nnetsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=disable\n```\n**Note:** No reboot is needed after making the change.\n\n<br />\n\nYou can disable the workaround with the PowerShell command below.\n\n```powershell\nnetsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=enable\n```\n**Note:** No reboot is needed after disabling the workaround.\n\n<br />\n\nPackage Analytics has been verified to function without any issue and is compatible with the prescribed Microsoft update. No additional PA patches are necessary.",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitCodeMaturity: "PROOF_OF_CONCEPT",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  remediationLevel: "OFFICIAL_FIX",
                  reportConfidence: "CONFIRMED",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
   ],
}

gsd-2020-16898

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.

Aliases

CVE-2020-16898

Aliases

CVE-2020-16898

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2020-16898",
      description: "A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.",
      id: "GSD-2020-16898",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2020-16898",
         ],
         details: "A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.",
         id: "GSD-2020-16898",
         modified: "2023-12-13T01:21:45.959361Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "secure@microsoft.com",
            ID: "CVE-2020-16898",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "Windows 10 Version 1803",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 1809",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows Server 2019",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows Server 2019 (Server Core installation)",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 1909",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows Server, version 1909 (Server Core installation)",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 1709 for 32-bit Systems",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 1709",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 1903 for 32-bit Systems",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 1903 for x64-based Systems",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 1903 for ARM64-based Systems",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows Server, version 1903 (Server Core installation)",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows 10 Version 2004",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Windows Server version 2004",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "publication",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "Microsoft",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p>\n<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.</p>\n<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>\n",
               },
            ],
         },
         impact: {
            cvss: [
               {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "Remote Code Execution",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
                  refsource: "MISC",
                  url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         cve: {
            configurations: [
               {
                  nodes: [
                     {
                        cpeMatch: [
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                              matchCriteriaId: "83B14968-3985-43C3-ACE5-8307196EFAE3",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                              matchCriteriaId: "7CB85C75-4D35-480E-843D-60579EC75FCB",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                              matchCriteriaId: "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
                              matchCriteriaId: "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
                              matchCriteriaId: "E9273B95-20ED-4547-B0A8-95AD15B30372",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
                              matchCriteriaId: "AAE74AF3-C559-4645-A6C0-25C3D647AAC8",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
                              matchCriteriaId: "5B921FDB-8E7D-427E-82BE-4432585080CF",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*",
                              matchCriteriaId: "C253A63F-03AB-41CB-A03A-B2674DEA98AA",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
                              matchCriteriaId: "0B60D940-80C7-49F0-8F4E-3F99AC15FA82",
                              vulnerable: true,
                           },
                           {
                              criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                              matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968",
                              vulnerable: true,
                           },
                        ],
                        negate: false,
                        operator: "OR",
                     },
                  ],
               },
            ],
            descriptions: [
               {
                  lang: "en",
                  value: "<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p>\n<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.</p>\n<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>\n",
               },
               {
                  lang: "es",
                  value: "Se presenta una vulnerabilidad de ejecución de código remota cuando la pila TCP/IP de Windows maneja inapropiadamente los paquetes de ICMPv6 Router Advertisement, también se conoce como \"Windows TCP/IP Remote Code Execution Vulnerability\"",
               },
            ],
            id: "CVE-2020-16898",
            lastModified: "2023-12-31T20:15:48.980",
            metrics: {
               cvssMetricV2: [
                  {
                     acInsufInfo: false,
                     baseSeverity: "MEDIUM",
                     cvssData: {
                        accessComplexity: "LOW",
                        accessVector: "ADJACENT_NETWORK",
                        authentication: "NONE",
                        availabilityImpact: "PARTIAL",
                        baseScore: 5.8,
                        confidentialityImpact: "PARTIAL",
                        integrityImpact: "PARTIAL",
                        vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                        version: "2.0",
                     },
                     exploitabilityScore: 6.5,
                     impactScore: 6.4,
                     obtainAllPrivilege: false,
                     obtainOtherPrivilege: false,
                     obtainUserPrivilege: false,
                     source: "nvd@nist.gov",
                     type: "Primary",
                     userInteractionRequired: false,
                  },
               ],
               cvssMetricV31: [
                  {
                     cvssData: {
                        attackComplexity: "LOW",
                        attackVector: "ADJACENT_NETWORK",
                        availabilityImpact: "HIGH",
                        baseScore: 8.8,
                        baseSeverity: "HIGH",
                        confidentialityImpact: "HIGH",
                        integrityImpact: "HIGH",
                        privilegesRequired: "NONE",
                        scope: "UNCHANGED",
                        userInteraction: "NONE",
                        vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        version: "3.1",
                     },
                     exploitabilityScore: 2.8,
                     impactScore: 5.9,
                     source: "secure@microsoft.com",
                     type: "Primary",
                  },
                  {
                     cvssData: {
                        attackComplexity: "LOW",
                        attackVector: "ADJACENT_NETWORK",
                        availabilityImpact: "HIGH",
                        baseScore: 8.8,
                        baseSeverity: "HIGH",
                        confidentialityImpact: "HIGH",
                        integrityImpact: "HIGH",
                        privilegesRequired: "NONE",
                        scope: "UNCHANGED",
                        userInteraction: "NONE",
                        vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        version: "3.1",
                     },
                     exploitabilityScore: 2.8,
                     impactScore: 5.9,
                     source: "nvd@nist.gov",
                     type: "Secondary",
                  },
               ],
            },
            published: "2020-10-16T23:15:13.633",
            references: [
               {
                  source: "secure@microsoft.com",
                  tags: [
                     "Patch",
                     "Vendor Advisory",
                  ],
                  url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
               },
            ],
            sourceIdentifier: "secure@microsoft.com",
            vulnStatus: "Modified",
            weaknesses: [
               {
                  description: [
                     {
                        lang: "en",
                        value: "NVD-CWE-noinfo",
                     },
                  ],
                  source: "nvd@nist.gov",
                  type: "Primary",
               },
            ],
         },
      },
   },
}

ghsa-8vrv-2fm5-wpvr

Vulnerability from github

Published

2022-05-24 17:30

Modified

2023-12-31 21:30

Severity ?

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2020-16898",
   ],
   database_specific: {
      cwe_ids: [],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2020-10-16T23:15:00Z",
      severity: "HIGH",
   },
   details: "A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.",
   id: "GHSA-8vrv-2fm5-wpvr",
   modified: "2023-12-31T21:30:22Z",
   published: "2022-05-24T17:30:55Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2020-16898",
      },
      {
         type: "WEB",
         url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
         type: "CVSS_V3",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2020-16898

Vulnerability from cvelistv5

fkie_cve-2020-16898

Vulnerability from fkie_nvd

sca-2020-0005

Vulnerability from csaf_sick

SCA-2020-0005

Vulnerability from csaf_sick

gsd-2020-16898

Vulnerability from gsd

ghsa-8vrv-2fm5-wpvr

Vulnerability from github

Tags

Sightings

Nomenclature