CVE-2020-1040

Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful exploitation allows for remote code execution on the host operating system. Vendor/Product: Microsoft Hyper-V RemoteFX. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.