Fwd: [CIVN-2020-0282] Remote Code Execution Vulnerability in Hyper-V RemoteFX vGPU

Remote Code Execution Vulnerability in Hyper-V RemoteFX vGPU

Severity Rating: HIGH

Software Affected 

•Windows Server 2008 R2 for x64-based Systems Service Pack 1  

•Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server

Core installation)

•Windows Server 2012     

•Windows Server 2012 (Server Core installation)    

•Windows Server 2012 R2     

•Windows Server 2012 R2 (Server Core installation)    

•Windows Server 2016    

•Windows Server 2016 (Server Core installation)

Overview 

A vulnerability has been reported in Hyper-V RemoteFX vGPU which could

allow an attacker to conduct remote code execution on the targeted system. 

Description

This vulnerability exists in Hyper-V RemoteFX vGPU due to an error while

validating input from an authenticated user on a guest operating system. A

remote attacker could exploit this vulnerability by running a specially

crafted application, attacking certain third-party video drivers running on

Hyper-V host. 

Successful exploitation of this vulnerability could allow an attacker to

conduct remote code execution on the targeted system. 

Solution

•There is no patch to fix this vulnerability. RemoteFX vGPU has been

deprecated in Windows Server 2019 and users are advised to use Discrete

Device Assignment (DDA) instead of RemoteFX vGPU.

Vendor Information

Microsoft

- -1032

- -1036

- -1040

- -1041

- -1042

- -1043

References

Microsoft

- -1032

- -1036

- -1040

- -1041

- -1042

- -1043

CVE Name

CVE-2020-1032

CVE-2020-1036

CVE-2020-1040

CVE-2020-1041

CVE-2020-1042

CVE-2020-1043