New Search

Remote Desktop Client Remote Code Execution Vulnerability - CVE-2020-1374

oval:org.cisecurity:def:8003

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view change or delete data; or create new accounts with full user rights. To exploit this vulnerability an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server they would need to trick the user into connecting via social engineering DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server host malicious code on it and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows 8.1
  • Microsoft Windows 7
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2020-1374
  • MSRC-CVE-2020-1374
  • KB4565539
  • KB4565535
  • KB4565540
  • KB4565513
  • KB4565511
  • KB4565508
  • KB4565489
  • KB4558998
  • KB4565483
Product(s):