Pivotal · Rabbitmq · CVE-2020-5419
**Name of the Vulnerable Software and Affected Versions**
RabbitMQ versions 3.8.x prior to 3.8.7
**Description**
The issue allows for arbitrary code execution due to a Windows-specific binary planting security vulnerability. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking attack and execute arbitrary code.
**Recommendations**
For RabbitMQ versions 3.8.x prior to 3.8.7, update to version 3.8.7 or later to resolve the issue.