CVE-2020-0618: Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (Pentest Lab Guide)

CVE-2020-0618: Technical Deep-Dive (Auto Refreshed)

Generated on 2026-03-25T02:10:59.686Z. This file is automatically regenerated every 30 minutes by the CVE AI enrichment job using web sources (NVD, MITRE, CISA KEV, GitHub).

Executive Technical Summary

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.

Context preserved from previous revision: A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. 1. Use only isolated environments and systems you own or are explicitly authorized to test.

Technical Details

CVE: CVE-2020-0618
KEV date added: 2024-09-18
KEV due date: 2024-10-09
NVD published: 2020-02-12
NVD modified: 2026-01-14
MITRE modified: 2026-01-12
CVSS base score: 8.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS exploitability score: 2.8
CVSS impact score: 5.9
Attack vector: Network
Attack complexity: Low
Privileges required: Low
User interaction: None
Scope: Unchanged
Confidentiality impact: High
Integrity impact: High
Availability impact: High

Versions and Products Impacted

microsoft / sql server (versions: 2012)
microsoft / sql server (versions: 2014)
microsoft / sql server (versions: 2016)
Microsoft / Microsoft SQL Server (versions: 2012 for 32-bit Systems Service Pack 4 (QFE), 2012 for x64-based Systems Service Pack 4 (QFE), 2016 for x64-based Systems Service Pack 2 (CU))
Microsoft / Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR) (versions: unspecified)
Microsoft / Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU) (versions: unspecified)
Microsoft / Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR) (versions: unspecified)
Microsoft / Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR) (versions: unspecified)
Microsoft / Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU) (versions: unspecified)

Weakness Classification

CWE-502
Remote Code Execution

Repositories for Lab Validation (Public Examples)

Mr-xn/Penetration_Testing_POC | stars: 7283 | updated: 2026-03-24 | https://github.com/Mr-xn/Penetration_Testing_POC
Notes: 渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
magercode/List-CVE-2025-2026 | stars: 1 | updated: 2026-02-22 | https://github.com/magercode/List-CVE-2025-2026
Notes: Daftar CVE 2025-2026 terupdate

People and Organizations Mentioned

microsoft
SQL Server
Mr-xn
magercode

Practical Defensive Validation (Authorized Only)

Use only isolated environments and systems you own or are explicitly authorized to test.
Snapshot infrastructure before validation and preserve baseline logs (EDR, SIEM, OS, app).
Use microsoft / sql server (versions: 2012) in isolated VM snapshots (vulnerable vs patched) and compare process tree telemetry before/after updates.
Validate command-execution prevention policies (AppLocker/WDAC/EDR) with harmless test binaries only.
Create SIEM detections for suspicious parent-child chains, encoded command usage, and abnormal service creation.

References

This content is for defensive security training and authorized validation only.