KEV Entry: CVE-2020-0646

Entry Details

Confirmed Exploited

Vulnerability ID

CVE-2020-0646

Status Updated At

2021-11-03 00:00 UTC

Timestamps

First Seen At

2021-11-03

Asserted At

2021-11-03

Scope

Notes

KEVIntel entry: A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code... | Affected: Microsoft / Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows Server, version 1803 (Server Core Installation), Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows Server 2016, Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation), Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems, Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems, Microsoft .NET Framework 4.8 on Windows RT 8.1, Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation), Microsoft .NET Framework 4.8 on Windows Server 2012, Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation), Microsoft .NET Framework 4.8 on Windows Server 2012 R2, Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation), Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1909 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server, version 1803 (Server Core Installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 | CVSS: 9.8 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: False

References

{'id': 'CVE-2020-0646', 'url': 'https://www.cve.org/CVERecord?id=CVE-2020-0646'}
{'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2020-0646'}

Entry UUID

ceff2ed1-3f36-40ec-9cf8-9a070f87989f

Catalog Origin UUID

caeb2787-0d58-4236-9039-7c86c3e566f3

Created

2026-06-23 14:04 UTC

Last Updated

2026-06-23 14:04 UTC

Evidence

1

Type Source Signal Confidence Details GCVE Metadata

Type	Source	Signal	Confidence	Details	GCVE Metadata
public_report	kevintel	successful_exploitation	0.70	View details { "added_date": "2021-11-03T00:00:00.000Z", "ahead_of_cisa_kev": null, "cvss_score": 9.8, "cvss_severity": "CRITICAL", "epss_percentile": null, "epss_score": null, "feed": "KEVIntel (kevintel.com)", "not_yet_in_cisa_kev": false, "product": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows Server, version 1803 (Server Core Installation), Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows Server 2016, Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation), Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems, Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems, Microsoft .NET Framework 4.8 on Windows RT 8.1, Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation), Microsoft .NET Framework 4.8 on Windows Server 2012, Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation), Microsoft .NET Framework 4.8 on Windows Server 2012 R2, Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation), Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1909 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server, version 1803 (Server Core Installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016", "title": "A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka \u0027.NET Framework Remote Code...", "used_in_malware": "unknown", "vendor": "Microsoft" }	-

public_report

kevintel

successful_exploitation

0.70

View details

{
  "added_date": "2021-11-03T00:00:00.000Z",
  "ahead_of_cisa_kev": null,
  "cvss_score": 9.8,
  "cvss_severity": "CRITICAL",
  "epss_percentile": null,
  "epss_score": null,
  "feed": "KEVIntel (kevintel.com)",
  "not_yet_in_cisa_kev": false,
  "product": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows Server, version 1803  (Server Core Installation), Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems, Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems, Microsoft .NET Framework 4.8 on Windows Server 2016, Microsoft .NET Framework 4.8 on Windows Server 2016  (Server Core installation), Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems, Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems, Microsoft .NET Framework 4.8 on Windows RT 8.1, Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1, Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation), Microsoft .NET Framework 4.8 on Windows Server 2012, Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation), Microsoft .NET Framework 4.8 on Windows Server 2012 R2, Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019  (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019  (Server Core installation), Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1909 (Server Core installation), Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server, version 1803  (Server Core Installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016  (Server Core installation), Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems, Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016",
  "title": "A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka \u0027.NET Framework Remote Code...",
  "used_in_malware": "unknown",
  "vendor": "Microsoft"
}

-

Export Options

JSON Object JSON API View Full Catalog