CVE CVE-2020-11039 Mappings

In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-11039 FreeRDP primary_impact T1574 Hijack Execution Flow
CVE-2020-11039 FreeRDP primary_impact T1005 Data from Local System
CVE-2020-11039 FreeRDP primary_impact T1499.004 Application or System Exploitation