cnvd - cnvd-2020-24133

cnvd-2020-24133

Vulnerability from cnvd

Title

Microsoft Windows Remote Desktop for Mac提权漏洞

Description

Microsoft Windows和Microsoft Windows Server都是美国微软（Microsoft）公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Remote Desktop Services是其中的一个远程桌面服务组件。 Microsoft Remote Desktop for Mac中存在提权漏洞，攻击者可通过获取用户系统的访问权限利用该漏洞加载未签名的二进制文件。

Severity

中

Patch Name

Microsoft Windows Remote Desktop for Mac提权漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0919

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-0919

Impacted products

Name
Microsoft Remote Desktop for Mac

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-0919"
    }
  },
  "description": "Microsoft Windows\u548cMicrosoft Windows Server\u90fd\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Microsoft Windows\u662f\u4e00\u5957\u4e2a\u4eba\u8bbe\u5907\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows Server\u662f\u4e00\u5957\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002Remote Desktop Services\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u7ec4\u4ef6\u3002\n\nMicrosoft Remote Desktop for Mac\u4e2d\u5b58\u5728\u63d0\u6743\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u83b7\u53d6\u7528\u6237\u7cfb\u7edf\u7684\u8bbf\u95ee\u6743\u9650\u5229\u7528\u8be5\u6f0f\u6d1e\u52a0\u8f7d\u672a\u7b7e\u540d\u7684\u4e8c\u8fdb\u5236\u6587\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0919",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-24133",
  "openTime": "2020-04-23",
  "patchDescription": "Microsoft Windows\u548cMicrosoft Windows Server\u90fd\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Microsoft Windows\u662f\u4e00\u5957\u4e2a\u4eba\u8bbe\u5907\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows Server\u662f\u4e00\u5957\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002Remote Desktop Services\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u7ec4\u4ef6\u3002\r\n\r\nMicrosoft Remote Desktop for Mac\u4e2d\u5b58\u5728\u63d0\u6743\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u83b7\u53d6\u7528\u6237\u7cfb\u7edf\u7684\u8bbf\u95ee\u6743\u9650\u5229\u7528\u8be5\u6f0f\u6d1e\u52a0\u8f7d\u672a\u7b7e\u540d\u7684\u4e8c\u8fdb\u5236\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows Remote Desktop for Mac\u63d0\u6743\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Microsoft Remote Desktop for Mac"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-0919",
  "serverity": "\u4e2d",
  "submitTime": "2020-04-16",
  "title": "Microsoft Windows Remote Desktop for Mac\u63d0\u6743\u6f0f\u6d1e"
}

CVE-2020-0919 (GCVE-0-2020-0919)

Vulnerability from cvelistv5

Published

2020-04-15 15:12

Modified

2024-08-04 06:18

Severity ?

CWE

Elevation of Privilege

Summary

An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'.

References

URL

Tags

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919

x_refsource_MISC