<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1462084720533760&amp;ev=PageView&amp;noscript=1">
Vulnerability Report

CVE-2020-17040 Authentication Bypass in Windows Hyper-V Security

Virsec Security Research Lab Vulnerability Analysis

The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.

Vulnerability Summary

Windows Hyper-V Security Feature can be bypassed. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router paths.

Watch the video to learn more about this and other important vulnerabilities.

CVSS Score

The CVSS Base Score is 9.8 (Critical)

Affected Version

Windows Server, version 20H2 (Server Core Installation)

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows 8.1 for x64-based systems

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 for x64-based Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for x64-based Systems

Windows Server, version 1903 (Server Core installation)

Windows 10 Version 1903 for x64-based Systems

Windows Server, version 1909 (Server Core installation)

Windows 10 Version 1909 for x64-based Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 20H2 for x64-based Systems

Vulnerability Attribution

Etienne Champetier (@champtar)

Risk Impact

Given the affected versions of OS, the risk posed by this vulnerability is critical. Public exploit is not available.

Virsec Security Platform (VSP) Support

The Virsec Security Platform (VSP)- NVD has assigned it the CWE 287 (Improper Authentication). A patch is available from Microsoft. To those customers who cannot patch for whatever reason, VSP-Web Insider Protect capability may keep publicly exposed HTTP services safe.

Reference Links

Download the full vulnerability report to learn more about this and other important vulnerabilities.