CVE-2020-16952

CVE Database · CVE-2020-16952

CVE-2020-16952

· HIGHModified

CVSS v3.1

8.6

EPSS

70.98%

Published

Oct 16, 2020

Modified

Feb 23, 2026

Public PoC / Exploit (2)

All weaponized →

NucleiNuclei detection template TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint. The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

Weaknesses (CWE)

CWE-346

Affected Products (3)

microsoft · sharepoint_enterprise_servervulnerable

microsoft · sharepoint_foundationvulnerable

microsoft · sharepoint_servervulnerable

References (4)

http://packetstormsecurity.com/files/159612/Microsoft-SharePoint-SSI-ViewState-Remote-Code-Execution.html

ExploitThird Party Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952

PatchVendor Advisory

http://packetstormsecurity.com/files/159612/Microsoft-SharePoint-SSI-ViewState-Remote-Code-Execution.html

ExploitThird Party Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs