cnvd - cnvd-2021-08826

CNVD-2021-08826

Vulnerability from cnvd - Published: 2021-02-02

Title

Microsoft Windows Codecs远程代码执行漏洞

Description

Microsoft Windows是美国微软（Microsoft）公司的一套个人设备使用的操作系统。 Microsoft Windows Codecs处理内存对象存在安全漏洞，允许远程攻击者利用漏洞提交特殊的请求，可以应用程序上下文执行任意代码。

Severity

中

Patch Name

Microsoft Windows Codecs远程代码执行漏洞的补丁

Patch Description

Microsoft Windows是美国微软（Microsoft）公司的一套个人设备使用的操作系统。 Microsoft Windows Codecs处理内存对象存在安全漏洞，允许远程攻击者利用漏洞提交特殊的请求，可以应用程序上下文执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-17022

Reference

https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-17022

Impacted products

Name
['Microsoft Windows 10 1809', 'Microsoft Windows 10 1903', 'Microsoft Windows 10 1709', 'Microsoft Windows 10 1803', 'Microsoft Windows 10 1809', 'Microsoft Windows 10 1903', 'Microsoft Windows 10 1909', 'Microsoft Windows 10 2004']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-17022",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-17022"
    }
  },
  "description": "Microsoft Windows\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e2a\u4eba\u8bbe\u5907\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002 \n\nMicrosoft Windows Codecs\u5904\u7406\u5185\u5b58\u5bf9\u8c61\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u4ee5\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-17022",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-08826",
  "openTime": "2021-02-02",
  "patchDescription": "Microsoft Windows\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e2a\u4eba\u8bbe\u5907\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002 \r\n\r\nMicrosoft Windows Codecs\u5904\u7406\u5185\u5b58\u5bf9\u8c61\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u4ee5\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows Codecs\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows 10 1809",
      "Microsoft Windows 10 1903",
      "Microsoft Windows 10 1709",
      "Microsoft Windows 10 1803",
      "Microsoft Windows 10 1809",
      "Microsoft Windows 10 1903",
      "Microsoft Windows 10 1909",
      "Microsoft Windows 10 2004"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-17022",
  "serverity": "\u4e2d",
  "submitTime": "2020-10-19",
  "title": "Microsoft Windows Codecs\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2020-17022 (GCVE-0-2020-17022)

Vulnerability from cvelistv5 – Published: 2020-10-16 22:18 – Updated: 2024-08-04 13:45

Summary

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted image file. The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE

Remote Code Execution

Assigner

microsoft

References

URL

Tags

https://portal.msrc.microsoft.com/en-US/security-…

x_refsource_MISC

Impacted products

Vendor

Product

Version

Microsoft

Windows 10 Version 1803

Affected: N/A

Microsoft	Windows 10 Version 1809	Affected: N/A
Microsoft	Windows 10 Version 1909	Affected: N/A
Microsoft	Windows 10 Version 1709 for 32-bit Systems	Affected: N/A
Microsoft	Windows 10 Version 1709	Affected: N/A
Microsoft	Windows 10 Version 1903 for 32-bit Systems	Affected: N/A
Microsoft	Windows 10 Version 1903 for x64-based Systems	Affected: N/A
Microsoft	Windows 10 Version 1903 for ARM64-based Systems	Affected: N/A
Microsoft	Windows 10 Version 2004	Affected: N/A

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:45:34.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17022"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1803",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 1709 for 32-bit Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1709",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "Unknown"
          ],
          "product": "Windows 10 Version 1903 for 32-bit Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "Unknown"
          ],
          "product": "Windows 10 Version 1903 for x64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "Unknown"
          ],
          "product": "Windows 10 Version 1903 for ARM64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "datePublic": "2020-10-15T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "\u003cp\u003eA remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code.\u003c/p\u003e\n\u003cp\u003eExploitation of the vulnerability requires that a program process a specially crafted image file.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory.\u003c/p\u003e\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-31T19:20:02.348Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17022"
        }
      ],
      "title": "Microsoft Windows Codecs Library Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17022",
    "datePublished": "2020-10-16T22:18:12",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-08-04T13:45:34.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-08826

CVE-2020-17022 (GCVE-0-2020-17022)

Tags

Sightings

Nomenclature