Their way of thinking was that by uninstalling RDCMan, an attacker could no longer trick them into use RDCMan using files with the *.rdg extension. On March 12, 2020, Microsoft didn’t recommended uninstalling Remote Desktop Connection Manager (RDCMan), but many admins removed it from their management boxes and resorted to alternatives like mRemoteNG, RD Tabs, RDM and even purely paid solutions like RoyalTS. To exploit the vulnerability, an attacker could create an RDG file containing specially crafted XML content and convince an authenticated user to open the file. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. The version we used back then (version 2.7) dated back to 2014.Īn information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity. It was available as a free download until March 2020 when a critical vulnerability ( CVE-2020-0765) was found in the program.
RDCMan used to be a popular tool to collect, categorize and use multiple remote desktop connections in Microsoft-oriented networks. This version, released as part of the SysInternals suite, solves a critical vulnerability and allows admins in Microsoft-oriented networks to enjoy remote desktop connections again (relatively) safely. Microsoft released a new version of Remote Desktop Connection Manager (RDCMan) this week.
0 kommentar(er)
