CVE-2020-0904

Description

<p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.</p> <p>The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.</p>

References

https://www.tenable.com/blog/microsoft-s-september-2020-patch-tuesday-addresses-129-cves

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0904

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3