CVE-2020-1147

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability
Entry Details

CVE-2020-1147

Confirmed

Yes

2021-11-03 00:00 UTC

Timestamps

2021-11-03

2021-11-03

Scope

KEV entry: Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability | Affected: Microsoft / .NET Framework, SharePoint, Visual Studio | Description: Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML content. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2020-1147

References
  • {'id': 'CVE-2020-1147', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-1147'}

35949947-372c-4df8-9397-16fc97647ef7

405284c2-e461-4670-8979-7fd2c9755a60

2026-02-02 13:26 UTC

2026-02-06 07:53 UTC

Evidence (1)
Type Source Signal Confidence Details GCVE Metadata
vendor_report cisa-kev successful_exploitation 0.80
View details 
{
  "cwes": [],
  "date_added": "2021-11-03",
  "due_date": "2022-05-03",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Unknown",
  "product": ".NET Framework, SharePoint, Visual Studio",
  "vendorProject": "Microsoft",
  "vulnerabilityName": "Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability"
}
 -
Export Options
JSON Object JSON API View Full Catalog