Oct 2020: Base3D Remote Code Execution Vulnerability
CVE-2020-16918 Published on October 16, 2020
Base3D Remote Code Execution Vulnerability
<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p>
<p>An attacker who successfully exploited the vulnerability would gain execution on a victim system.</p>
<p>The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory.</p>
Products Associated with CVE-2020-16918
stack.watch emails you whenever new vulnerabilities are published in Microsoft 365 Apps or Microsoft 3d Viewer. Just hit a watch button to start following.
Affected Versions
Microsoft 365 Apps for Enterprise:- Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version 7.0.0 and below publication is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.