CVE-2020-1223
CVE-2020-1223
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 8.0%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
09 Jun 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A remote code execution vulnerability exists when Microsoft Word for Android fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file.The update addresses the vulnerability by correcting how Microsoft Word for Android handles specially crafted URL files., aka 'Word for Android Remote Code Execution Vulnerability'.
Affected products
Microsoft · Microsoft Word for Android