PT-2020-4281 · Microsoft · Windows Remote Desktop Protocol+1

Published

2020-10-13

Updated

2023-12-31

CVE-2020-16927

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Protocol (RDP) (affected versions not specified)

Description: A denial of service issue exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. This could cause the RDP service on the target system to stop responding. To exploit this issue, an attacker would need to run a specially crafted application against a server that provides Remote Desktop Protocol (RDP) services. The issue arises from insufficient input validation in Remote Desktop Services (RDS) in Windows operating systems.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2020-04773

CVE-2020-16927

Affected Products

Windows

Windows Remote Desktop Protocol

PT-2020-4281 · Microsoft · Windows Remote Desktop Protocol+1

CVE-2020-16927

Weakness Enumeration

Related Identifiers

Affected Products

References · 8