CVE Vulnerabilities

CVE-2020-1117

Published: May 21, 2020 | Modified: Jul 21, 2021
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory, aka Microsoft Color Management Remote Code Execution Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_10 Microsoft 1607 (including) 1607 (including)
Windows_10 Microsoft 1709 (including) 1709 (including)
Windows_10 Microsoft 1803 (including) 1803 (including)
Windows_10 Microsoft 1809 (including) 1809 (including)
Windows_10 Microsoft 1903 (including) 1903 (including)
Windows_10 Microsoft 1909 (including) 1909 (including)
Windows_server_2016 Microsoft - (including) - (including)
Windows_server_2019 Microsoft - (including) - (including)
Windows_server_2019 Microsoft 1903 (including) 1903 (including)
Windows_server_2019 Microsoft 1909 (including) 1909 (including)

References