KEV · Actively exploited
CVE-2020-0601
HIGH 8.1
KEV
Windows CryptoAPI Spoofing Vulnerability
EPSS
94.09%
exploit likely
percentile 99.9%
CISA Known Exploited Vulnerability
- Added to KEV
- 2021-11-03
- Remediation deadline
- 2022-05-03
- Required action
- Apply updates per vendor instructions.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 1909 · 2019-09 Windows 10 1903 · 2019-03 Windows 10 1809 · 2018-09 Windows 10 1803 · 2018-03 Windows 10 1709 · 2017-09 Windows 10 1607 · 2016-07