CVE-2020-16855 – This CVE describes an information disclosure vu... (How to Fix)

Q: What is the severity of CVE-2020-16855?

CVE-2020-16855 has a CVSS score of 5.5 (MEDIUM). This CVE describes an information disclosure vulnerability in Microsoft Office where uninitialized memory could be read when opening specially crafted files. Attackers could exploit this to view out-of-bounds memory contents. Users who open malicious Office files with affected versions are at risk.

📋 TL;DR

This CVE describes an information disclosure vulnerability in Microsoft Office where uninitialized memory could be read when opening specially crafted files. Attackers could exploit this to view out-of-bounds memory contents. Users who open malicious Office files with affected versions are at risk.

💻 Affected Systems

Products:

Microsoft Office

Versions: Specific affected versions would be detailed in Microsoft's advisory

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Requires user to open a specially crafted Office file. Exact affected versions should be verified against Microsoft's advisory.

📦 What is this software?

Office by Microsoft

View all CVEs affecting Office →

Office by Microsoft

View all CVEs affecting Office →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sensitive memory contents including credentials, encryption keys, or other application data could be leaked to an attacker.

🟠

Likely Case

Limited information disclosure from Office application memory, potentially revealing document fragments or application state.

🟢

If Mitigated

No impact if users don't open untrusted Office files or have patched systems.

🌐 Internet-Facing: LOW - Requires user interaction with malicious files, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing with malicious Office attachments.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction (opening malicious file) and knowledge of file format manipulation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Available through Microsoft's October 2020 security updates

Vendor Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16855

Restart Required: Yes

Instructions:

1. Apply Microsoft's October 2020 security updates for Office. 2. Restart affected systems. 3. Verify Office version is updated.

🔧 Temporary Workarounds

Block Office file types via email filtering

all

Prevent delivery of potentially malicious Office files via email

Use Office Protected View

windows

Configure Office to open untrusted files in Protected View mode

🧯 If You Can't Patch

Implement application whitelisting to prevent unauthorized Office file execution
Train users to avoid opening Office files from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check Office version against Microsoft's advisory for affected versions

Check Version:

In Office: File > Account > About [Application]

Verify Fix Applied:

Verify Office has October 2020 or later security updates installed

📡 Detection & Monitoring

Log Indicators:

Office application crashes with memory access violations
Unusual Office file openings from email attachments

Network Indicators:

N/A - local exploitation only

SIEM Query:

Office application crash events with memory exception codes

📊 Metadata

CVE ID: CVE-2020-16855

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE: CWE-125

Published: September 11, 2020

Last Updated: February 23, 2026

🔗 References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16855 Patch,Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16855 Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-16855, you might also want to check these: