How severe is CVE-2019-0720?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2019-0720?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2019-0720 - HIGH Severity | CVSS 8

Vulnerability Description

A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Windows Hyper-V Network Switch validates guest operating system network traffic.

Related Vulnerabilities

CVE-2016-1661

HIGH

CVSS:8.0(High)

Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers ...

CWE-202016

CVE-2017-14320

HIGH

CVSS:8.0(High)

Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files.

CWE-202017

CVE-2017-6662

HIGH

CVSS:8.0(High)

A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access t...

CWE-202017

CVE-2017-7466

HIGH

CVSS:8.0(High)

Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the abili...

CWE-202017

CVE-2018-11294

HIGH

CVSS:8.0(High)

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WLAN handler indication from the firmware gets the information for 4 access categories. Whil...

CWE-202018

CVE-2018-5199

HIGH

CVSS:8.0(High)

In Veraport G3 ALL on MacOS, due to insufficient domain validation, It is possible to overwrite installation file to malicious file. A remote unauthenticated attacker may use this vulnerability to exe...

CWE-202018