By Admin on January 15, 2020

CVE-2020-0610 Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability

Breaches, Alerts & Advisories


Integrity360 is actively monitoring a remote code execution vulnerability that exists in Windows Remote Desktop Gateway (RD Gateway) (CVE-2020-0610).

The Threat

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.

Known affected versions

  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server 2019


As of now, Microsoft has not identified any workarounds or mitigating factors for this vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application.

Failed exploit attempts will likely cause a denial-of-service condition.

To successfully exploit this flaw, an attacker must have to trick the user to connect to a malicious server, making exploitation of this flaw less likely. But Microsoft still rates this as critical severity.

More information

Should you require assistance with applying the fix or upgrading, please contact your account manager or email As always, Integrity360 Managed Security Service customers will already be covered through our proactive security approach.