Description

<p>A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the Remote Desktop Service on the target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Service.</p> <p>The update addresses the vulnerability by correcting how Remote Desktop Service handles connection requests.</p>

Related CPE's

o

microsoft

windows_7

-

sp1

Vulnerable

o

microsoft

windows_server_2008

r2

sp1

*

*

*

*

x64

Vulnerable

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16863

PatchVendor Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2020-10-16T23:15:12.587

4 years ago

Last modified

2023-12-31T20:15:46.297

1 year ago