Vulnerability Details CVE-2020-16899
<p>A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.</p>
<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly.</p>
<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>
Exploit prediction scoring system (EPSS) score
EPSS Score 0.41
EPSS Ranking 97.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2020-16899
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_10:1809
-
cpe:2.3:o:microsoft:windows_10:1903
-
cpe:2.3:o:microsoft:windows_10:1909
-
cpe:2.3:o:microsoft:windows_10:2004
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004
-
cpe:2.3:o:microsoft:windows_server_2019:-