Published: 2020-02-11

Description:
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka ‘Remote Desktop Client Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0681.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore

9.3/10

10/10

8.6/10

Exploit range
Attack complexity
Authentication

Remote

Medium

No required

Confidentiality impact
Integrity impact
Availability impact

Complete

Complete

Complete

 References:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0734

closedb();
?>


Copyright 2020, cxsecurity.com

 



Source link

Write a comment:
*

Your email address will not be published.