CVE-2020-0919: Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability

Overview

Severity

N/A

Category

Elevation of Privilege

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2020-Apr

Released

2020-04-14

EPSS Score

0.37% (percentile: 58.9%)

Description

An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries. An attacker could then install programs; view, change, or delete data with the logged in user's privileges. To exploit this vulnerability, an attacker would have to first get access to the victim's system. The update addresses the vulnerability by correcting how Remote Desktop App for Mac validates signatures.

Affected Products (1)

Apps

• Microsoft Remote Desktop for Mac

Security Updates (1)

• Release Notes

Acknowledgments

Yigit Can YILMAZ <a href="https://twitter.com/yilmazcanyigit">(@yilmazcanyigit)</a>

Revision History

• 2020-04-14: Information published.