VYPR
Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

Windows TCP/IP Remote Code Execution Vulnerability

CVE-2020-16898

Description

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.

Affected products

7
  • cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*range: 10.0.0
  • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*+ 1 more
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*range: 10.0.0
  • cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Range: 10.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.