CVE-2020-15860 : What You Need to Know
Learn about CVE-2020-15860, a critical vulnerability in Parallels Remote Application Server (RAS) 17.1.1 allowing remote code execution. Find out the impact, affected systems, and mitigation steps.
Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error that leads to remote code execution, allowing authenticated users to run applications on the backend operating system through the web application. This vulnerability enables access to any host in the internal domain, even if not associated with the server farm.
Understanding CVE-2020-15860
This CVE involves a critical security issue in Parallels Remote Application Server (RAS) 17.1.1.
What is CVE-2020-15860?
CVE-2020-15860 is a Business Logic Error in Parallels RAS 17.1.1 that permits remote code execution by authenticated users, enabling the execution of applications on the backend OS through the web app. It also allows access to any host in the internal domain, even if not linked to the server farm.
The Impact of CVE-2020-15860
The vulnerability poses a severe threat as it allows unauthorized execution of applications and access to internal hosts, compromising the security of the system and potentially leading to unauthorized data access or manipulation.
Technical Details of CVE-2020-15860
This section provides detailed technical insights into the CVE.
Vulnerability Description
The Business Logic Error in Parallels RAS 17.1.1 enables remote code execution, granting users the ability to run applications on the backend OS through the web app. Additionally, it allows access to any host in the internal domain.
Affected Systems and Versions
- Product: Parallels Remote Application Server (RAS) 17.1.1
- Vendor: Parallels
- Versions: All versions are affected
Exploitation Mechanism
The vulnerability can be exploited by authenticated users to execute applications on the backend OS via the web application, bypassing the need for the affected application to be published. It also allows access to any host in the internal domain.
Mitigation and Prevention
Protecting systems from CVE-2020-15860 requires immediate action and long-term security measures.
Immediate Steps to Take
- Apply security patches provided by Parallels promptly.
- Restrict access to the Parallels RAS system to authorized users only.
- Monitor network traffic for any suspicious activities.
Long-Term Security Practices
- Conduct regular security audits and penetration testing.
- Educate users on best practices for secure system usage.
- Implement network segmentation to limit the impact of potential breaches.
Patching and Updates
Ensure that all systems running Parallels RAS are updated with the latest security patches to mitigate the risk of exploitation.