A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka ‘Remote Desktop Client Remote Code Execution Vulnerability’.
Recent assessments:
busterb at January 15, 2020 2:29am UTC reported:
This is a client-side exploit, which would require spoofing an existing server. If an exploit surfaced, this might be useful for targeting admins, or even other attackers. Would make an interesting addition to a ‘hack back’ honeypot.
Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 2