A self-described “reverser/pwner [and] Windows kernel hacker” has demoed a working exploit for two recently discovered vulnerabilities in Windows Remote Desktop Gateway (RD Gateway).
The exploit takes advantage of the CVE-2020-0609 and CVE-2020-0610 vulnerabilities which have already been shown to make a denial of service attack possible. Now Luca Marcelli has shown how the same vulnerabilities can be exploited in a Remote Code Execution attack.
There are patches for the vulnerabilities — which affect Windows Server — but Marcelli acknowledges that not everyone will be able to install these immediately, or indeed at all. As such information about the exploit is a little thin, although a video showing it in action is available.
Source: Beta News