New Search

Windows NAT Remote Code Execution Vulnerability - CVE-2020-16894

oval:org.cisecurity:def:8369

A remote code execution vulnerability exists when Windows Network Address Translation (NAT) fails to properly handle UDP traffic. To exploit the vulnerability an attacker could run a specially crafted application on a guest operating system. An attacker who successfully exploited the vulnerability could cause memory corruption on a host operating system. The security update addresses the vulnerability by correcting how Windows NAT handles objects in memory.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
Class:
vulnerability
Reference(s):
  • CVE-2020-16894
  • MSRC-CVE-2020-16894
  • KB4580346
Product(s):