Endpoint Vulnerability

Microsoft: Windows NAT Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists when Windows Network Address Translation (NAT) fails to properly handle UDP traffic. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system. An attacker who successfully exploited the vulnerability could cause memory corruption on a host operating system. The security update addresses the vulnerability by correcting how Windows NAT handles objects in memory.

Affected Products

Windows 10,Windows Server 2016

References

CVE-2020-16894,