CVE-2020-0697 is a vulnerability in Microsoft Office 365 Proplus

CVE-2020-0697 is a vulnerability in Microsoft Office 365 Proplus
Published on February 11, 2020

An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.The security update addresses the vulnerability by correcting how the process validates the log file., aka 'Microsoft Office Tampering Vulnerability'.

Products Associated with CVE-2020-0697

Want to know whenever a new CVE is published for Microsoft Office 365 Proplus? stack.watch will email you.

Affected Versions

Version 32-bit Systems is affected.

Version 64-bit Systems is affected.

Exploit Probability

EPSS

0.24%

Percentile

47.23%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-0697 is a vulnerability in Microsoft Office 365 ProplusPublished on February 11, 2020

Products Associated with CVE-2020-0697

Affected Versions

Exploit Probability

CVE-2020-0697 is a vulnerability in Microsoft Office 365 Proplus
Published on February 11, 2020