New Search

Windows TCP/IP Remote Code Execution Vulnerability - CVE-2020-16898

oval:org.cisecurity:def:8386

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this vulnerability an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 10
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2020-16898
  • MSRC-CVE-2020-16898
  • KB4580328
  • KB4580330
  • KB4577668
  • KB4577671
  • KB4579311
Product(s):