Attacker Value
Moderate
(1 user assessed)
Exploitability
Low
(1 user assessed)
User Interaction
Required
Privileges Required
None
Attack Vector
Network
0

Remote Desktop Client remote code execution vulnerability

Disclosure Date: January 14, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka ‘Remote Desktop Client Remote Code Execution Vulnerability’.

Add Assessment

1
Ratings
  • Attacker Value
    Medium
  • Exploitability
    Low
Technical Analysis

This is a client-side exploit, which would require spoofing an existing server. If an exploit surfaced, this might be useful for targeting admins, or even other attackers. Would make an interesting addition to a ‘hack back’ honeypot.

CVSS V3 Severity and Metrics
Base Score:
7.5 High
Impact Score:
5.9
Exploitability Score:
1.6
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
Required
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Vendors

  • microsoft

Products

  • windows 10 -,
  • windows 10 1607,
  • windows 10 1709,
  • windows 10 1803,
  • windows 10 1809,
  • windows 10 1903,
  • windows 10 1909,
  • windows 7 -,
  • windows 8.1,
  • windows rt 8.1,
  • windows server 2008 r2,
  • windows server 2012 -,
  • windows server 2012 r2,
  • windows server 2016 -,
  • windows server 2016 1803,
  • windows server 2016 1903,
  • windows server 2016 1909,
  • windows server 2019 -

Additional Info

Technical Analysis