PT-2020-3077 · Microsoft +3 · SharePoint Server +5

Published 2020-07-14 · Updated 2025-10-29 · CVE-2020-1147

CVSS v2.0: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

.NET Framework versions prior to the fixed version
Microsoft SharePoint versions prior to the fixed version
Visual Studio versions prior to the fixed version

Description

A remote code execution issue exists due to the software's failure to properly check the source markup of XML file input. This allows an attacker to execute arbitrary code in the context of the process responsible for deserialization of the XML content. The issue is related to errors in processing XML requests. To exploit this vulnerability, an attacker could upload a specially crafted document to a server utilizing an affected product to process content.

Recommendations

For .NET Framework versions prior to the fixed version, update to the latest version to resolve the issue.
For Microsoft SharePoint versions prior to the fixed version, update to the latest version to resolve the issue.
For Visual Studio versions prior to the fixed version, update to the latest version to resolve the issue.
As a temporary workaround, consider restricting the use of the DataSet and DataTable types in .NET to minimize the risk of exploitation.
Avoid uploading specially crafted documents to servers utilizing affected products until the issue is resolved.

Exploit

Fix

Weakness Enumeration

Related Identifiers

ALT-PU-2020-2513
ALT-PU-2020-2514
ALT-PU-2020-2592
ALT-PU-2020-2593
BDU:2020-03369
CESA-2020_2938
CESA-2020_2954
CVE-2020-1147
GHSA-G5VF-38CP-4PX9
RHSA-2020:2937
RHSA-2020:2938
RHSA-2020:2939
RHSA-2020:2954
RHSA-2020:2988
RHSA-2020:2989
RHSA-2020_2938
RHSA-2020_2954

Affected Products

.NET Framework
ALT Linux
CentOS
SharePoint Server
Red Hat
Visual Studio