CVE-2020-1445

CVE Database · CVE-2020-1445

CVE-2020-1445

· MEDIUMModified

CVSS v3.1

5.5

EPSS

6.12%

Published

Jul 14, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products (14)

microsoft · 365_appsvulnerable

microsoft · officevulnerable

microsoft · office_online_servervulnerable

microsoft · office_web_appsvulnerable

microsoft · sharepoint_enterprise_servervulnerable

References (2)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1445

PatchVendor Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1445

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs