Security Updates for Microsoft .NET Framework (August 2020)

high Nessus Plugin ID 139598


The Microsoft .NET Framework installation on the remote host is affected by multiple vulnerabilities.


The Microsoft .NET Framework installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :

- An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. (CVE-2020-1476)

- A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. (CVE-2020-1046)


Microsoft has released security updates for Microsoft .NET Framework.

See Also

Plugin Details

Severity: High

ID: 139598

File Name: smb_nt_ms20_aug_dotnet.nasl

Version: 1.5

Type: local

Agent: windows

Published: 8/14/2020

Updated: 6/11/2021

Risk Information


Risk Factor: High

Score: 7.4


Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

CVSS Score Source: CVE-2020-1046


Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:.net_framework

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 8/12/2020

Vulnerability Publication Date: 8/12/2020

Reference Information

CVE: CVE-2020-1046, CVE-2020-1476

MSKB: 4569751, 4571709, 4569748, 4569749, 4569746, 4571692, 4569745, 4571741, 4570506, 4570507, 4571694, 4570505, 4570502, 4570503, 4570500, 4570501, 4570508, 4570509

MSFT: MS20-4569751, MS20-4571709, MS20-4569748, MS20-4569749, MS20-4569746, MS20-4571692, MS20-4569745, MS20-4571741, MS20-4570506, MS20-4570507, MS20-4571694, MS20-4570505, MS20-4570502, MS20-4570503, MS20-4570500, MS20-4570501, MS20-4570508, MS20-4570509

IAVA: 2020-A-0368-S