Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

Microsoft Windows Codecs Library Remote Code Execution Vulnerability

CVE-2020-17022

Description

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted image file. The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory.

Affected products

Microsoft/Windows Codecs Libraryllm-fuzzy
Microsoft/Windows Server version 1709cpe-rescue
Range: N/A
Microsoft/Windows 10 Version 1709 for 32-bit Systemsv5
Range: N/A
Microsoft/Windows 10 Version 1803v5
Range: N/A
Microsoft/Windows 10 1809cpe-rescue
Range: N/A
Microsoft/Windows 10 Version 1903 for 32-bit Systemsv5
Range: N/A
Microsoft/Windows 10 Version 1903 for ARM64-based Systemsv5
Range: N/A
Microsoft/Windows 10 Version 1903 for x64-based Systemsv5
Range: N/A
Microsoft/Windows 10 1909cpe-rescue
Range: N/A
Microsoft/Windows 10 Version 2004v5
Range: N/A

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17022mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000