Remote Code Execution Vulnerability in RDPCore.dll Allows Unauthorized Access to IRM Next Generation Booking Engine

Remote Code Execution Vulnerability in RDPCore.dll Allows Unauthorized Access to IRM Next Generation Booking Engine

CVE-2023-39420 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Given that this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application.

Learn more about our User Device Pen Test.