Windows Media Player
CVE-2020-1477 — Media Foundation Memory Corruption Vulnerability
Executive Summary
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage. The security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.
Overview
7
CVSS HIGH
Critical
MS Severity
Not Exploited
MS Exploit Status
Less Likely
MS Exploit Likelihood
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
ATTACK VECTOR
Local
ATTACK COMPLEXITY
High
PRIVILEGES REQUIRED
Low
USER INTERACTION
None
SCOPE
Unchanged
CONFIDENTIALITY
High
INTEGRITY
High
AVAILABILITY
High
EXPLOIT CODE MATURITY
Proof-of-Concept
REMEDIATION LEVEL
Official Fix
REPORT CONFIDENCE
Confirmed
Temporal Score: 7.0
EPSS Score
0.02508
probability of exploitation in the next 30 days
0.8269 percentile - updated 2026-06-21
View on FIRST.org
Affected Products
30 affected products
| Product | KB Article | Severity | Impact | Restart Required |
|---|---|---|---|---|
| Windows 10 for 32-bit Systems | 4571692 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 for x64-based Systems | 4571692 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1607 for 32-bit Systems | 4571694 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1607 for x64-based Systems | 4571694 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1709 for 32-bit Systems | 4571741 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1709 for ARM64-based Systems | 4571741 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1709 for x64-based Systems | 4571741 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1803 for 32-bit Systems | 4571709 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1803 for ARM64-based Systems | 4571709 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1803 for x64-based Systems | 4571709 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1809 for 32-bit Systems | 4565349 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1809 for ARM64-based Systems | 4565349 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1809 for x64-based Systems | 4565349 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1903 for 32-bit Systems | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1903 for ARM64-based Systems | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1903 for x64-based Systems | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1909 for 32-bit Systems | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1909 for ARM64-based Systems | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 1909 for x64-based Systems | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 2004 for 32-bit Systems | 4566782 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 2004 for ARM64-based Systems | 4566782 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 10 Version 2004 for x64-based Systems | 4566782 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows 7 for 32-bit Systems Service Pack 1 4571729 (Monthly Rollup) 4571719 (Security Only) Critical Remote Code Execution 4565524 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571729 4571719 Windows 7 for x64-based Systems Service Pack 1 4571729 (Monthly Rollup) 4571719 (Security Only) Critical Remote Code Execution 4565524 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571729 4571719 Windows 8.1 for 32-bit systems 4571703 (Monthly Rollup) 4571723 (Security Only) Critical Remote Code Execution 4565541 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571703 4571723 Windows 8.1 for x64-based systems 4571703 (Monthly Rollup) 4571723 (Security Only) Critical Remote Code Execution 4565541 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571703 4571723 Windows RT 8.1 | 4571703 (Monthly Rollup) |
Critical | Remote Code Execution | Yes |
| Windows Server 2008 for 32-bit Systems Service Pack 2 4571730 (Monthly Rollup) 4571746 (Security Only) Critical Remote Code Execution 4565536 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571730 4571746 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4571730 (Monthly Rollup) 4571746 (Security Only) Critical Remote Code Execution 4565536 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571730 4571746 Windows Server 2008 for x64-based Systems Service Pack 2 4571730 (Monthly Rollup) 4571746 (Security Only) Critical Remote Code Execution 4565536 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571730 4571746 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4571730 (Monthly Rollup) 4571746 (Security Only) Critical Remote Code Execution 4565536 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571730 4571746 Windows Server 2008 R2 for x64-based Systems Service Pack 1 4571729 (Monthly Rollup) 4571719 (Security Only) Critical Remote Code Execution 4565524 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571729 4571719 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4571729 (Monthly Rollup) 4571719 (Security Only) Critical Remote Code Execution 4565524 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571729 4571719 Windows Server 2012 4571736 (Monthly Rollup) 4571702 (Security Only) Critical Remote Code Execution 4565537 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571736 4571702 Windows Server 2012 (Server Core installation) 4571736 (Monthly Rollup) 4571702 (Security Only) Critical Remote Code Execution 4565537 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571736 4571702 Windows Server 2012 R2 4571703 (Monthly Rollup) 4571723 (Security Only) Critical Remote Code Execution 4565541 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571703 4571723 Windows Server 2012 R2 (Server Core installation) 4571703 (Monthly Rollup) 4571723 (Security Only) Critical Remote Code Execution 4565541 Base: 7.8 Temporal: 7.0 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4571703 4571723 Windows Server 2016 | 4571694 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows Server 2016 (Server Core installation) | 4571694 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows Server 2019 | 4565349 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows Server 2019 (Server Core installation) | 4565349 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows Server, version 1903 (Server Core installation) | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows Server, version 1909 (Server Core installation) | 4565351 (Security Update) |
Critical | Remote Code Execution | Yes |
| Windows Server, version 2004 (Server Core installation) | 4566782 (Security Update) |
Critical | Remote Code Execution | Yes |
Patches
8 patches
| Article | Type | Restart |
|---|---|---|
4571692 |
Security Update | Yes |
4571694 |
Security Update | Yes |
4571741 |
Security Update | Yes |
4571709 |
Security Update | Yes |
4565349 |
Security Update | Yes |
4565351 |
Security Update | Yes |
4566782 |
Security Update | Yes |
4571703 |
Monthly Rollup | Yes |
Known Exploits
No known exploits have been linked for this CVE yet. When available, exploit references will be sourced from public repositories and may be unverified, incomplete, or non-functional. Always review code carefully before use in any environment.
Acknowledgments
References
On This Page