A remote code execution vulnerability exists in Microsoft Dynamics NAV 2013 R2. A user who has the permission to access certain features that requires a call from the Role-Tailored Client that has the dataset structure can start arbitrary shell commands through deserialization.
To learn more about the vulnerability, go to CVE-2020-0905.
How to obtain and install the update
To apply this security update, you must have Microsoft Dynamics NAV 2013 installed.
You may have to restart the computer after you apply this security update.
Security update replacement information
This security update doesn't replace other security updates.
For deployment details for this security update, go to the following article in the Microsoft Knowledge Base: