What is CVE-2020-0603?

CVE-2020-0603 is a vulnerability in Microsoft Asp.net Core. Published 2020-01-14.

Is CVE-2020-0603 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Asp.net Core

CVE-2020-0603

A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user…

EPSS: 0.108 (93.5th percentile) — read the EPSS interpretation.

Affected products

Microsoft Asp.net Core — versions 2.1, 3.0, 3.1

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603 (x_refsource_MISC)
RHSA-2020:0130 (vendor-advisory, x_refsource_REDHAT)
RHSA-2020:0134 (vendor-advisory, x_refsource_REDHAT)

Frequently asked questions

What is CVE-2020-0603?: CVE-2020-0603 is a vulnerability in Microsoft Asp.net Core. Published 2020-01-14.
Is CVE-2020-0603 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.