CVE-2020-16896: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Overview

Severity

High (CVSS 7.5)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

Category

Information Disclosure

Exploit Status

Not Exploited

Exploitation Likelihood

More Likely

Patch Tuesday

2020-Oct

Released

2020-10-13

EPSS Score

10.56% (percentile: 93.3%)

Description

An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services. The update addresses the vulnerability by correcting how RDP handles connection requests.

FAQ

What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized read access to Windows RDP server process.

Affected Products (34)

Other

• 11497
• 11498
• 11563
• 11568
• 11569
• 11570
• 11571
• 11572
• 11712
• 11713
• 11714
• 11715
• 11453
• 11454
• 11583
• 11644
• 11645
• 11646
• 11647
• 11766
• 11767
• 11768
• 11769
• 10729
• 10735
• 10852
• 10853
• 10816
• 10855
• 10481
• 10482
• 10484
• 10483
• 10543

Security Updates (9)

• 4580330
• 4577668
• 4577671
• 4580328
• 4579311
• 4580327
• 4580346
• 4580347
• 4580358

Acknowledgments

VictorV (Tang Tianwen)

Revision History

• 2020-10-13: Information published.