Windows Shell
CVE-2020-0655 — Remote Desktop Services Remote Code Execution Vulnerability
Executive Summary
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker must already have compromised a system running Remote Desktop Services, and then wait for a victim system to connect to Remote Desktop Services. The update addresses the vulnerability by correcting how Remote Desktop Services handles clipboard redirection.
Overview
8
CVSS HIGH
Important
MS Severity
Not Exploited
MS Exploit Status
Less Likely
MS Exploit Likelihood
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
ATTACK VECTOR
Network
ATTACK COMPLEXITY
Low
PRIVILEGES REQUIRED
Low
USER INTERACTION
Required
SCOPE
Unchanged
CONFIDENTIALITY
High
INTEGRITY
High
AVAILABILITY
High
EXPLOIT CODE MATURITY
Proof-of-Concept
REMEDIATION LEVEL
Official Fix
REPORT CONFIDENCE
Confirmed
Temporal Score: 7.2
EPSS Score
0.65693
probability of exploitation in the next 30 days
0.99169 percentile - updated 2026-06-21
View on FIRST.org
Affected Products
31 affected products
| Product | KB Article | Severity | Impact | Restart Required |
|---|---|---|---|---|
| Windows 10 for 32-bit Systems | 4537776 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 for x64-based Systems | 4537776 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1607 for 32-bit Systems | 4537764 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1607 for x64-based Systems | 4537764 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1709 for 32-bit Systems | 4537789 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1709 for ARM64-based Systems | 4537789 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1709 for x64-based Systems | 4537789 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1803 for 32-bit Systems | 4537762 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1803 for ARM64-based Systems | 4537762 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1803 for x64-based Systems | 4537762 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1809 for 32-bit Systems | 4532691 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1809 for ARM64-based Systems | 4532691 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1809 for x64-based Systems | 4532691 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1903 for 32-bit Systems | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1903 for ARM64-based Systems | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1903 for x64-based Systems | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1909 for 32-bit Systems | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1909 for ARM64-based Systems | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1909 for x64-based Systems | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 11 for ARM64-based Systems | 5008215 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 11 for x64-based Systems | 5008215 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 7 for 32-bit Systems Service Pack 1 4537820 (Monthly Rollup) 4537813 (Security Only) Important Remote Code Execution 4534310 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537813 Windows 7 for x64-based Systems Service Pack 1 4537820 (Monthly Rollup) 4537813 (Security Only) Important Remote Code Execution 4534310 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537813 Windows 8.1 for 32-bit systems 4537821 (Monthly Rollup) 4537803 (Security Only) Important Remote Code Execution 4534297 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537821 4537803 4537821 Windows 8.1 for x64-based systems 4537821 (Monthly Rollup) 4537803 (Security Only) Important Remote Code Execution 4534297 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537821 4537803 4537821 Windows RT 8.1 | 4537821 (Monthly Rollup) |
Important | Remote Code Execution | Yes |
| Windows Server 2008 for 32-bit Systems Service Pack 2 4537810 (Monthly Rollup) 4537822 (Security Only) Important Remote Code Execution 4534303 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes None Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4537810 (Monthly Rollup) 4537822 (Security Only) Important Remote Code Execution 4534303 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes None Windows Server 2008 for x64-based Systems Service Pack 2 4537810 (Monthly Rollup) 4537822 (Security Only) Important Remote Code Execution 4534303 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes None Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4537810 (Monthly Rollup) 4537822 (Security Only) Important Remote Code Execution 4534303 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes None Windows Server 2008 R2 for x64-based Systems Service Pack 1 4537820 (Monthly Rollup) 4537813 (Security Only) Important Remote Code Execution 4534310 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537813 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4537820 (Monthly Rollup) 4537813 (Security Only) Important Remote Code Execution 4534310 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537813 Windows Server 2012 4537814 (Monthly Rollup) 4537794 (Security Only) Important Remote Code Execution 4534283 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537814 4537794 Windows Server 2012 (Server Core installation) 4537814 (Monthly Rollup) 4537794 (Security Only) Important Remote Code Execution 4534283 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537814 4537794 Windows Server 2012 R2 4537821 (Monthly Rollup) 4537803 (Security Only) Important Remote Code Execution 4534297 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537821 4537803 4537821 Windows Server 2012 R2 (Server Core installation) 4537821 (Monthly Rollup) 4537803 (Security Only) Important Remote Code Execution 4534297 Base: 8.0 Temporal: 7.2 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Yes 4537821 4537803 4537821 Windows Server 2016 | 4537764 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server 2016 (Server Core installation) | 4537764 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server 2019 | 4532691 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server 2019 (Server Core installation) | 4532691 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server 2022 | 5008223 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server 2022 (Server Core installation) | 5008223 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server, version 1803 (Server Core Installation) | 4537762 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server, version 1903 (Server Core installation) | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server, version 1909 (Server Core installation) | 4532693 (Security Update) |
Important | Remote Code Execution | Yes |
Patches
9 patches
| Article | Type | Restart |
|---|---|---|
4537776 |
Security Update | Yes |
4537764 |
Security Update | Yes |
4537789 |
Security Update | Yes |
4537762 |
Security Update | Yes |
4532691 |
Security Update | Yes |
4532693 |
Security Update | Yes |
5008215 |
Security Update | Yes |
4537821 |
Monthly Rollup | Yes |
5008223 |
Security Update | Yes |
Known Exploits
No known exploits have been linked for this CVE yet. When available, exploit references will be sourced from public repositories and may be unverified, incomplete, or non-functional. Always review code carefully before use in any environment.
Acknowledgments
VictorV(Tangtianwen), Eyal Itkin from Check Point Research
References
On This Page