{"api_version":"1","generated_at":"2026-04-23T15:09:06+00:00","cve":"CVE-2020-0979","urls":{"html":"https://cve.report/CVE-2020-0979","api":"https://cve.report/api/cve/CVE-2020-0979.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-0979","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-0979"},"summary":{"title":"CVE-2020-0979","description":"A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0906.","state":"PUBLIC","assigner":"secure@microsoft.com","published_at":"2020-04-15 15:15:00","updated_at":"2021-07-21 11:39:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0979","name":"N/A","refsource":"N/A","tags":["Patch","Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-0979","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-0979","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"979","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"office_365_proplus","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"979","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"office_365_proplus","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"secure@microsoft.com","ID":"CVE-2020-0979","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Office 365 ProPlus","version":{"version_data":[{"version_value":"32-bit Systems"},{"version_value":"64-bit Systems"}]}}]},"vendor_name":"Microsoft"}]}},"description":{"description_data":[{"lang":"eng","value":"A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0906."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Remote Code Execution"}]}]},"references":{"reference_data":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0979","refsource":"MISC","name":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0979"}]}},"nvd":{"publishedDate":"2020-04-15 15:15:00","lastModifiedDate":"2021-07-21 11:39:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":9.3},"severity":"HIGH","exploitabilityScore":8.6,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"979","Ordinal":"159629","Title":"CVE-2020-0979","CVE":"CVE-2020-0979","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"979","Ordinal":"1","NoteData":"A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0906.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"979","Ordinal":"2","NoteData":"2020-04-15","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"979","Ordinal":"3","NoteData":"2020-04-15","Type":"Other","Title":"Modified"}]}}}