Main Vulnerability Database Exploits ID:2779 - Exploit for Permissions, Privileges, and Access Controls in Windows and Windows Server - CVE-2020-0655

ID:2779 - Exploit for Permissions, Privileges, and Access Controls in Windows and Windows Server - CVE-2020-0655

Published: May 26, 2020

Vulnerability identifier: #VU25229

Vulnerability risk: Low

CVE-ID: CVE-2020-0655

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://cpr-zero.checkpoint.com/vulns/cprid-2136/

Vulnerability description

The vulnerability allows a remote authenticated user to escalate privileges on the system.

The vulnerability exists due to the way Remote Desktop Services formerly known as Terminal Services handles clipboard redirection. A remote authenticated user with access to a system running Remote Desktop Services can abuse clipboard redirection and execute arbitrary code in the context of another user's session.

Remediation

Install updates from vendor's website.

ID:2779 - Exploit for Permissions, Privileges, and Access Controls in Windows and Windows Server - CVE-2020-0655

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human