Unauthenticated RCE in RD Gateway CVE-2020-0609

[fencepost]

https://www.kb.cert.org/vuls/id/491944/

@YeOldeStonecat pretty sure you're using that in places, anyone else? @trevm999 ?

Just in case this gets missed in all the hullabaloo about the crypt32 problem with signature validation in CVE-2020-0601

By sending a specially-crafted request to a Remote Desktop Gateway server, an unauthenticated remote attacker to execute arbitrary code with SYSTEM privileges.

 

[trevm999]

Thanks, one of our teams is using RD Gateway

 

[YeOldeStonecat]

https://www.kb.cert.org/vuls/id/491944/

@YeOldeStonecat pretty sure you're using that in places, anyone else? @trevm999 ?

Just in case this gets missed in all the hullabaloo about the crypt32 problem with signature validation in CVE-2020-0601

Yeah got 2 or so left....thanks..will ensure this got shoved in.

 

[fencepost]

Reddit comment today indicates that a researcher already has a partial proof of concept, so it's probably going to be a target as fast as the Citrix Netscaler thing.