Is CVE-2020-0931 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Business Productivity Servers

CVE-2020-0931

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from C…

EPSS: 0.207 (95.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Business Productivity Servers — versions 2010 Service Pack 2
Microsoft Sharepoint Enterprise Server — versions 2013 Service Pack 1, 2016
Microsoft Sharepoint Foundation — versions 2013 Service Pack 1
Microsoft Sharepoint Server — versions 2019

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0931 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-0931?: CVE-2020-0931 is a vulnerability in Microsoft Business Productivity Servers. Published 2020-04-15.
Is CVE-2020-0931 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.