CVE-2020-1040 - Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
Project:Microsoft
Product:Hyper-V RemoteFX
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
Description
Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful exploitation allows for remote code execution on the host operating system.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-1040