![]() RDCMan used to be a popular tool to collect, categorize and use multiple remote desktop connections in Microsoft-oriented networks. It was available as a free download until March 2020 when a critical vulnerability ( CVE-2020-0765) was found in the program. ![]() The version we used back then (version 2.7) dated back to 2014.Īn information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. To exploit the vulnerability, an attacker could create an RDG file containing specially crafted XML content and convince an authenticated user to open the file. On March 12, 2020, Microsoft didn’t recommended uninstalling Remote Desktop Connection Manager (RDCMan), but many admins removed it from their management boxes and resorted to alternatives like mRemoteNG, RD Tabs, RDM and even purely paid solutions like RoyalTS. Their way of thinking was that by uninstalling RDCMan, an attacker could no longer trick them into use RDCMan using files with the *.rdg extension. Version 2.8 of Remote Desktop Connection Manager (RDCMan) is released as part of the SysInternals suite.
0 Comments
Leave a Reply. |