CVE-2020-0646

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.

CVSS v3 9.8 CRITICAL
CVSS v2.0 10.0 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html	Exploit Third Party Advisory VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646	Patch Vendor Advisory
http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html	Exploit Third Party Advisory VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646	Patch Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0646	US Government Resource

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_10_1607:-::::::x64:
	cpe:2.3:o:microsoft:windows_10_1607:-::::::x86:
	cpe:2.3:o:microsoft:windows_8.1::::::::
	cpe:2.3:o:microsoft:windows_server_2012:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:a:microsoft:.net_framework:3.5:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.6.2:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.1:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.2:::::::*

OR	cpe:2.3:o:microsoft:windows_10_1607:-::::::x64:
	cpe:2.3:o:microsoft:windows_10_1607:-::::::x86:
	cpe:2.3:o:microsoft:windows_server_2016:-:::::::*

Configuration 4 (hide)

AND

OR	cpe:2.3:a:microsoft:.net_framework:3.5:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.1:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.2:::::::*

OR	cpe:2.3:o:microsoft:windows_10_1709:-::::::x64:
	cpe:2.3:o:microsoft:windows_10_1709:-::::::x86:

Configuration 5 (hide)

AND

OR	cpe:2.3:a:microsoft:.net_framework:3.5:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.2:::::::*

OR	cpe:2.3:o:microsoft:windows_10_1507:-::::::x64:
	cpe:2.3:o:microsoft:windows_10_1507:-::::::x86:
	cpe:2.3:o:microsoft:windows_10_1803:-::::::x64:
	cpe:2.3:o:microsoft:windows_10_1803:-::::::x86:
	cpe:2.3:o:microsoft:windows_10_1809:-::::::x64:
	cpe:2.3:o:microsoft:windows_10_1809:-::::::x86:
	cpe:2.3:o:microsoft:windows_server_2016:1803:::::::*
	cpe:2.3:o:microsoft:windows_server_2019::::::::

Configuration 6 (hide)

AND

OR	cpe:2.3:a:microsoft:.net_framework:3.5:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.8:::::::*

OR	cpe:2.3:o:microsoft:windows_10_1809:-:::::::*
	cpe:2.3:o:microsoft:windows_10_1903:-:::::::*
	cpe:2.3:o:microsoft:windows_10_1909:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2016:1909:::::::*
	cpe:2.3:o:microsoft:windows_server_2019::::::::

Configuration 7 (hide)

AND

cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_7:-:sp1::::::
	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::itanium:*
	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*

Configuration 8 (hide)

AND

cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_7:-:sp1::::::
	cpe:2.3:o:microsoft:windows_8.1::::::::
	cpe:2.3:o:microsoft:windows_rt_8.1::::::::
	cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
	cpe:2.3:o:microsoft:windows_server_2012:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*

Configuration 9 (hide)

AND

cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

Configuration 10 (hide)

AND

OR	cpe:2.3:a:microsoft:.net_framework:4.6.2:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.1:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.2:::::::*

cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*

Configuration 11 (hide)

AND

OR	cpe:2.3:a:microsoft:.net_framework:4.6:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.6.1:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.6.2:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.1:::::::*
	cpe:2.3:a:microsoft:.net_framework:4.7.2:::::::*

OR	cpe:2.3:o:microsoft:windows_7:-:sp1::::::
	cpe:2.3:o:microsoft:windows_8.1::::::::
	cpe:2.3:o:microsoft:windows_rt_8.1::::::::
	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
	cpe:2.3:o:microsoft:windows_server_2012:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*

Configuration 12 (hide)

AND

cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_10_1607:-:::::::*
	cpe:2.3:o:microsoft:windows_10_1709:-:::::::*
	cpe:2.3:o:microsoft:windows_10_1803:-:::::::*
	cpe:2.3:o:microsoft:windows_7:-:sp1::::::
	cpe:2.3:o:microsoft:windows_8.1::::::::
	cpe:2.3:o:microsoft:windows_rt_8.1::::::::
	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
	cpe:2.3:o:microsoft:windows_server_2012:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2012:r2:::::::*
	cpe:2.3:o:microsoft:windows_server_2016:-:::::::*

History

29 Oct 2025, 14:32

Type	Values Removed	Values Added
First Time		Microsoft windows 10 1909 Microsoft windows 10 1809 Microsoft windows 10 1903 Microsoft windows 10 1607 Microsoft windows 10 1507 Microsoft windows 10 1803 Microsoft windows 10 1709
CPE	cpe:2.3:o:microsoft:windows_10:1903:::::::* cpe:2.3:o:microsoft:windows_10:1709:::::::* cpe:2.3:o:microsoft:windows_10:1809:::::::* cpe:2.3:o:microsoft:windows_10:-:::::::* cpe:2.3:o:microsoft:windows_10:1803:::::::* cpe:2.3:o:microsoft:windows_10:1607:::::::* cpe:2.3:o:microsoft:windows_10:1607::::::x86: cpe:2.3:o:microsoft:windows_10:1909:::::::*	cpe:2.3:o:microsoft:windows_10_1903:-:::::::* cpe:2.3:o:microsoft:windows_10_1607:-:::::::* cpe:2.3:o:microsoft:windows_10_1809:-:::::::* cpe:2.3:o:microsoft:windows_10_1709:-::::::x64: cpe:2.3:o:microsoft:windows_10_1507:-::::::x64: cpe:2.3:o:microsoft:windows_10_1809:-::::::x64: cpe:2.3:o:microsoft:windows_10_1803:-:::::::* cpe:2.3:o:microsoft:windows_10_1507:-::::::x86: cpe:2.3:o:microsoft:windows_10_1909:-:::::::* cpe:2.3:o:microsoft:windows_10_1803:-::::::x64: cpe:2.3:o:microsoft:windows_10_1607:-::::::x86: cpe:2.3:o:microsoft:windows_10_1809:-::::::x86: cpe:2.3:o:microsoft:windows_10_1709:-:::::::* cpe:2.3:o:microsoft:windows_10_1709:-::::::x86: cpe:2.3:o:microsoft:windows_10_1607:-::::::x64: cpe:2.3:o:microsoft:windows_10_1803:-::::::x86:
References	~~() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0646 -~~	() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0646 - US Government Resource

22 Oct 2025, 00:16

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0646 -

21 Oct 2025, 20:17

Type	Values Removed	Values Added
References	~~{'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0646', 'source': '134c704f-9b21-4f2e-91b3-4a467353bcc0'}~~

21 Oct 2025, 19:18

Type	Values Removed	Values Added
References		() https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0646 -

21 Nov 2024, 04:53

Type	Values Removed	Values Added
References	~~() http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html - Exploit, Third Party Advisory, VDB Entry~~	() http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html - Exploit, Third Party Advisory, VDB Entry
References	~~() https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646 - Patch, Vendor Advisory~~	() https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646 - Patch, Vendor Advisory

Information

Published : 2020-01-14 23:15

Updated : 2025-10-29 14:32

NVD link : CVE-2020-0646

Mitre link : CVE-2020-0646

CVE.ORG link : CVE-2020-0646

JSON object : View

Products Affected

microsoft

windows_10_1607
.net_framework
windows_server_2012
windows_10_1803
windows_10_1903
windows_server_2008
windows_7
windows_server_2016
windows_10_1507
windows_10_1909
windows_8.1
windows_10_1809
windows_rt_8.1
windows_10_1709
windows_server_2019

CWE

CWE-91

XML Injection (aka Blind XPath Injection)

9.8 /10