CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 3, 2022

CVE-2020-0878

High

EPSS 5.3%CISA KEVRansomware

Microsoft/Edge and Internet Explorer

Description

Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.

EPSS — Exploit Probability

5.3%

Higher than 89.8% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2020-0878

Risk Assessment

HIGH

In CISA KEV

Ransomware

Details

Severity: High
EPSS: 5.3%
CISA KEV: Yes
Ransomware: Known
Articles: 0

Timeline

Published

Nov 3, 2021

Added to KEV

Nov 3, 2021

Remediation Due

May 3, 2022

Affected Product

Microsoft

Edge and Internet Explorer

View all Microsoft CVEs

External Links

NVD (NIST)CVE Details MITRE CVE