A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka ‘Remote Desktop Services Remote Code Execution Vulnerability’.
Recent assessments:
zeroSteiner at May 14, 2020 3:27pm UTC reported:
A vulnerability exists within PathCchCanonicalize
that can be leveraged by a malicious RDP server to write files on a connected RDP client system. The vulnerability is related to how forward and back slash characters are processed and is related to the older CVE-2019-0887 in the sense that this vulnerability is a bypass for the mitigation which it introduced.
Exploiting this vulnerability would involve an attacker configuring a malicious RDP server and then tricking a client to connect to it, authenticate to it and then initiate a copy and paste operation from the malicious server to their client system.
Assessed Attacker Value: 2
Assessed Attacker Value: 2Assessed Attacker Value: 2