CVE-2020-0612: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Overview

Severity

High (CVSS 7.5)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

Category

Denial of Service

Exploit Status

Not Exploited

Patch Tuesday

2020-Jan

Released

2020-01-14

Last Updated

2020-01-16

EPSS Score

10.03% (percentile: 93.1%)

Description

A denial of service vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RD Gateway service on the target system to stop responding. To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides RD Gateway services. The update addresses the vulnerability by correcting how RD Gateway handles connection requests.

FAQ

What network ports are vulnerable to this attack? The vulnerability only affects UDP transport, which by default runs on UDP port 3391.

Affected Products (2)

Windows

• Windows Server 2019
• Windows Server 2016

Security Updates (2)

• 4534273
• 4534271

Acknowledgments

Microsoft Platform Security Assurance & Vulnerability Research

Revision History

• 2020-01-14: Information published.
• 2020-01-16: Added an FAQ. This is an information change only.