CVE-2020-0660
published 2020-02-11CVE-2020-0660: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
Affected
57 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1903_for_32-bit_systems | — | — |
| microsoft | windows_10_version_1903_for_arm64-based_systems | — | — |
| microsoft | windows_10_version_1903_for_x64-based_systems | — | — |
Microsoft
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
vendor_msrc·2020-02-11·CVSS 7.5
CVE-2020-0660 [HIGH] Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Description: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.
To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.
The update addresses the vulnerability by correcting how RDP handles connection requests.
Windows RDP: Windows RDP
Microsoft: Microsoft
Impact: Denial of Service
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation L
GHSA
GHSA-m7xp-6h5p-h737: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially
ghsa_unreviewed·2022-05-24
CVE-2020-0660 [MEDIUM] CWE-20 GHSA-m7xp-6h5p-h737: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
No detection rules found.
No public exploits indexed.
Trendmicro
Patch Tuesday: Fixes for LNK, RDP, and Trident
blogs_trendmicro·2020-02-12·CVSS 7.5
[HIGH] Patch Tuesday: Fixes for LNK, RDP, and Trident
Exploits & Vulnerabilities
# Patch Tuesday: Fixes for LNK, RDP, and Trident
February Patch Tuesday brings an even wider range of fixes than January. It addresses a total of 99 vulnerabilities — including 12 classified as Critical. Only five of the vulnerabilities were made public before the patches were released.
By: Trend Micro
2020/02/12
Read time: ( words)
Save to Folio
The first Patch Tuesday of 2020 in January brought an unusually long list of patches, but February brings an even wider range of fixes that address a total of 99 vulnerabilities — including 12 classified as Critical, with the remaining 99 deemed Important. Only five of the vulnerabilities were made public before the patches were released; one of these was rated as Critical.
New Critical vulnerabilities of note inc
Tenable
Microsoft’s February 2020 Patch Tuesday Addresses 99 CVEs Including Internet Explorer Zero-Day (CVE-2020-0674)
blogs_tenable·2020-02-11·CVSS 7.5
[HIGH] Microsoft’s February 2020 Patch Tuesday Addresses 99 CVEs Including Internet Explorer Zero-Day (CVE-2020-0674)
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Talos
Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-02-11·CVSS 8.8
[HIGH] Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 98 vulnerabilities, 12 of which are considered critical and 84 that are considered important. There are also two bugs that were not assigned a severity.
This month's patches include updates to the Windows kernel, the Windows scripting engine and Remote Desktop Procol, among other software and features. Microsoft also provided a critical advisory covering updates to Adobe Flash Player.
Talos released a new set of SNORTⓇ rules today that provide coverage for some of these vulnerabilities, which you can see here.
### Critical vulnerabilities Microsoft disclosed 12 critical vulnerabilities this mo
Talos
Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-02-11·CVSS 7.5
[HIGH] Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage
## Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 98 vulnerabilities, 12 of which are considered critical and 84 that are considered important. There are also two bugs that were not assigned a severity.
This month's patches include updates to the Windows kernel, the Windows scripting engine and Remote Desktop Procol, among other software and features. Microsoft also provided a critical advisory covering updates to Adobe Flash Player.
Talos released a new set of SNORTⓇ rules today that provide coverage for some of these vulnerabilities, which you can see here
2020-02-11
Published