CVE-2020-1350

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability
Entry Details

CVE-2020-1350

Confirmed

Yes

2021-11-03 00:00 UTC

Timestamps

2021-11-03

2021-11-03

Scope

KEV entry: Microsoft Windows DNS Server Remote Code Execution Vulnerability | Affected: Microsoft / Windows | Description: Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): Reference CISA's ED 20-03 (https://www.cisa.gov/news-events/directives/ed-20-03-mitigate-windows-dns-server-remote-code-execution-vulnerability-july-2020-patch-tuesday) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 20-03. https://nvd.nist.gov/vuln/detail/CVE-2020-1350

References
  • {'id': 'CVE-2020-1350', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-1350'}

d260e006-1d73-4826-a330-6ef64759789b

405284c2-e461-4670-8979-7fd2c9755a60

2026-02-02 13:26 UTC

2026-02-06 07:53 UTC

Evidence (1)
Type Source Signal Confidence Details GCVE Metadata
vendor_report cisa-kev successful_exploitation 0.80
View details 
{
  "cwes": [],
  "date_added": "2021-11-03",
  "due_date": "2022-05-03",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Unknown",
  "product": "Windows",
  "vendorProject": "Microsoft",
  "vulnerabilityName": "Microsoft Windows DNS Server Remote Code Execution Vulnerability"
}
 -
Export Options
JSON Object JSON API View Full Catalog