CVE-2020-0729

Description from NVD

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

Information Acquisition Date:2021-04-27T10:38Z
CVSS 2.0: 6.8 MEDIUM CVSS 3.x: 8.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:M/Au:N/C:P/I:P/A:P

NVD References

 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0729
     source:MISC
     tags:Patch    Vendor Advisory    

Description from Forti

References

This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in Microsoft Windows Server.The vulnerability is due to insufficient handling of LNK files. A remote attacker could exploit this vulnerability by enticing a target user into browsing to a folder containing a crafted LNK file or downloading a crafted LNK file. Successful exploitation could result in the execution of arbitrary code under the security context of the target user.

Information Acquisition Date:2020/04/02

Affected Products

Microsoft Windows 2008 R2
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows 10
Microsoft Windows RT 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows version 1909 (Server Core installation)
Microsoft Windows Server version 1803 (Server Core Installation)
Microsoft Windows Server version 1903 (Server Core installation)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0729

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://www.thezdi.com/55
https://lists.astaro.com/ASGV9-IPS-rules.html#027
https://newsbythehour.org/cybr/7
https://bitly.com/3

Information from Twitter

User URL Info Source Date
OPOSEC https://bit.ly/34ozEhW Source OPOSEC           1621916502696890369 2023/02/05
kacos2000 https://www.thezdi.com/blog/2020/3/25/cve-2020-0729-remote-... Source kacos2000        1631108564910522368 2023/03/02
kacos2000 https://twitter.com/kacos2000/status/1631108564910522368/ph... Source kacos2000        1631108564910522368 2023/03/02
ggwhiting https://www.thezdi.com/blog/2020/3/25/cve-2020-0729-remote-... Source ggwhiting        1637371921120600064 2023/03/19

List of frequently cited URLs

URLNum of Times Referred to
www.thezdi.com55
lists.astaro.com27
newsbythehour.org7
bitly.com3

Information from Twitter

User URL Info Source
OPOSEC bit.ly Show Tweet
kacos2000 thezdi.com Show Tweet
kacos2000 twitter.com Show Tweet
ggwhiting thezdi.com Show Tweet
GitHub Search Results: Up to 10
NameURL
No Data
GitHub Search Results: Up to 10
NameURL
No Data
2023/03/19 Score : 1
Added Har-sia Database : 2020/02/22
Last Modified : 2023/03/19
Highest Scored Date : 2020/03/27
Highest Score : 43