CVE-2020-1147 — Actively Exploited: .NET Framework, SharePoint, Visual Studio (Microsoft)
Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML conten
| CVE ID | CVE-2020-1147 |
|---|---|
| Vendor | Microsoft |
| Product | .NET Framework, SharePoint, Visual Studio |
| Vulnerability name | Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability |
| Date added | 2021-11-03 |
| Remediation due | 2022-05-03 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML content. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →