How severe is CVE-2020-1567?

Medium severity. CVSS v3 base score is 4.2 out of 10.

Vulnerability in Microsoft Internet Explorer 11

CVE-2020-1567

A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative us…

EPSS: 0.025 (85.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.2 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C.

Affected products

Microsoft Internet Explorer 11 — versions 1.0.0
Microsoft Internet Explorer 9 — versions 1.0.0

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1567 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-1567?: CVE-2020-1567 is a medium-severity vulnerability in Microsoft Internet Explorer 11. CVSS score: 4.2/10. Published 2020-08-17.
How severe is CVE-2020-1567?: Medium severity. CVSS v3 base score is 4.2 out of 10.