CVE-2020-1345: 
vulnerability analysis and mitigation

CVE-2020-1345 is a security vulnerability affecting Microsoft SharePoint Server that could allow remote code execution if a user opens a specially crafted Office file. The vulnerability was disclosed and patched in September 2020, affecting multiple versions including SharePoint Enterprise Server 2016 and SharePoint Foundation 2013 SP1 (Microsoft SharePoint).

The vulnerability is part of a security update package that addresses multiple vulnerabilities in Microsoft Office products. The update was rated as having an 'Important' security impact by Red Hat Product Security (Red Hat Advisory).

If successfully exploited, this vulnerability could allow an attacker to execute remote code on the affected system by having a user open a specially crafted Office file (Microsoft SharePoint).

Microsoft has released security updates to address this vulnerability. The fixes are available through Microsoft Update, Microsoft Update Catalog, and Microsoft Download Center. For SharePoint Server 2016, users should install security update 4484506, and for SharePoint Foundation 2013 SP1, users should install security update 4484525 (Microsoft SharePoint).