Show filters
Showing topic results for ""remote desktop"":
(1-10 of 99)
Sort by:
Attacker Value
Very High
Windows Remote Desktop (RDP) Use-after-free vulnerablility, "Bluekeep"
Disclosure Date: May 16, 2019 (last updated September 02, 2020)
A bug in Windows Remote Desktop protocol allows unauthenticated users to run arbitrary code via a specially crafted request to the service. This affects Windows 7/Windows Server 2008 and earlier releases. Given the ubiquity of RDP in corporate environments and the trusted nature of RDP, this could pose serious concerns for ransomware attacks much like WannaCry.
Patches are released for Windows 7/2008 Operating systems as well as Windows XP.
6
Attacker Value
Very High
DejaBlue, RDP Heap Overflow
Disclosure Date: August 14, 2019 (last updated February 13, 2020)
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
1
Attacker Value
Very High
Windows Remote Desktop Gateway RCE (CVE-2020-0609)
Last updated February 24, 2020
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems RD Gateway via RDP.
The update addresses the vulnerability by correcting how RD Gateway handles connection requests.
(Description copy-pasted entirely from Microsoft's CVE description)
0
Attacker Value
Unknown
CVE-2020-16896
Disclosure Date: October 16, 2020 (last updated October 28, 2020)
An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability'.
1
Attacker Value
Very High
Insecure RDP
Last updated October 09, 2020
There are active attack campaigns as of October 2020 targeting RDP servers without multi-factor authentication enabled.
5
Attacker Value
Moderate
Remote Desktop Client remote code execution vulnerability
Disclosure Date: January 14, 2020 (last updated July 24, 2020)
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
0
Attacker Value
Very High
CVE-2012-0002
Disclosure Date: March 13, 2012 (last updated July 30, 2020)
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, aka "Remote Desktop Protocol Vulnerability."
0
Attacker Value
Low
CVE-2020-0655
Disclosure Date: February 11, 2020 (last updated July 24, 2020)
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
0
Attacker Value
Unknown
CVE-2021-1669
Disclosure Date: January 12, 2021 (last updated January 21, 2021)
Windows Remote Desktop Security Feature Bypass Vulnerability
0
Attacker Value
Unknown
CVE-2021-1674
Disclosure Date: January 12, 2021 (last updated January 21, 2021)
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
0