CVE-2020-0618: Microsoft SQL Server Reporting Services Remote Code

Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability. Microsoft SQL Server Reporting Services contains a deserialization vulnerability when handling page requests incorrectly. An authenticated attacker can exploit this vulnerability to execute code in the context of the Report Server service account.

• CISA KEV-listed (remediation due 2024-10-09)
• EPSS 94.2% (99.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions