CVE-2020-0610

Integrity360 is actively monitoring a remote code execution vulnerability that exists in Windows Remote Desktop Gateway (RD Gateway) (CVE-2020-0610).

The Threat

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.

Known affected versions

  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server 2019

Recommendations

As of now, Microsoft has not identified any workarounds or mitigating factors for this vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application.

Failed exploit attempts will likely cause a denial-of-service condition.

To successfully exploit this flaw, an attacker must have to trick the user to connect to a malicious server, making exploitation of this flaw less likely. But Microsoft still rates this as critical severity.

More information

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0610

Should you require assistance with applying the fix or upgrading, please contact your account manager or email info@integrity360.com. As always, Integrity360 Managed Security Service customers will already be covered through our proactive security approach.

Subscribe to our blog here!