CVE-2020-1040
Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
6.9%
p93
KEV
YES
Nov 3, 2021
Exploit Today
78
0-100
Published: — · Last modified: —
Product
Microsoft / Hyper-V RemoteFX
Vulnerability
Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful exploitation allows for remote code execution on the host operating system.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-1040
No related CVEs by CWE or product.